Domain: mozilla.org
Stories and comments across the archive that link to mozilla.org.
Comments · 17,579
-
Re:Translation
We all pay for our internet connection and then a significant portion of our bandwidth is used solely for the benefit and profit of Google to stream ads all over your screen.
Firefox + Adblock + NoScript = User Control
Declare your independence from Internet advertisers and take back control of the connection that you pay for. Your bandwidth, your client, your rules. -
Re:Translation
We all pay for our internet connection and then a significant portion of our bandwidth is used solely for the benefit and profit of Google to stream ads all over your screen.
Firefox + Adblock + NoScript = User Control
Declare your independence from Internet advertisers and take back control of the connection that you pay for. Your bandwidth, your client, your rules. -
Re:You gotta be kidding.On Thunderbird, nothing works. No emails are available, no calendaring stuff, nothing. It seems that you have to always remember to manually synch before you go offline, otherwise nothing will work.
Sync On Arrival works for me on my laptop.
-
Security issue with Urchin!!
For those companies that use Urchin, note that there is a potential security vulnerability that I came across on a copmany's ordering page just a few days ago. The company, who shall remain nameless, has since taken my suggestion and closed the security hole, but I don't know how many more ordering screens use Urchin in the same way.
The problem is thus:
1. The ordering screen where you enter your VISA card number is loaded over https
2. The ordering screen includes the urchin.js script file, but this file is loaded over unsecured http
3. This means that urchin.js could be replaced in transit with another script which could steal your personal info by, for instance, changing the form you are submitting to point to another server.
In this case, the Firefox "lock" icon displays an error: "Warning: Contains unauthenticated content". Unfortunately, this is very easy to miss. I only spotted it because I use the Petname Toolbar, which prevents phishing and spoofing. The toolbar would not let me set a petname for this site, because the unsecured content could literally change anything on the page, so it wasn't safe. If you don't already have the Petname Toolbar installed, I highly recommend that you install it.
Urchin could close this hole if they allowed urchin.js to be loaded over https, but the file isn't available over a secured link. To anyone using urchin.js, make sure you don't include that file on your secured pages.
What's even more disheartening, is that this site was verified as "hacker safe" by ScanAlert; missing such an obvious hole really decreases my confidence in their testing methods. -
Prob w/ QuickTime, not Firefox per se...
It should be noted that a careful reading of the advisory does not make any mention of the vulnerability being related to the use of Firefox per se, but rather to the use of QuickTime in conjunction with Firefox.
The vulnerability allows an attacker to use a specially crafted QuickTime object to launch the default browser within Windows. This implies that the initial vulnerability resides within QuickTime, and is supported by the following:
... QuickTime Media-Link files contain a qtnext attribute that could be used on Windows systems to launch the default browser ... This vulnerability is compounded, however, by the ability to launch the browser with arbitrary command line options. For example, an attacker could theoretically launch an instance of Firefox (presuming it was the default browser) and use the
-chrome switch to execute scripts that could spoof a browser user interface. For example, portions of the real Firefox interface could be hidden and a counterfeit section rendered, in conjunction with a cloned web page that shows
https://signin.ebay.com/ws/eBayISAPI.dll?SignIn when in reality the person is really logging into
http://www.my-identity-theft-site.tld The ability to execute scripts from the command line was probably a feature, at least initially, but when the ramifications became clearer MFSA 2007-23 was issued and the capability removed. QuickTime bypasses this fix.
It is very likely that the code to execute said scrips exists in most, if not all, Firefox 2.0.0.6/operating system combinations.
It's the hole in QuickTime that makes the hole in Firefox more easily exploitable. On Linux this point is moot, since Apple has not yet released an official version of QuickTime for Linux.
-
Prob w/ QuickTime, not Firefox per se...
It should be noted that a careful reading of the advisory does not make any mention of the vulnerability being related to the use of Firefox per se, but rather to the use of QuickTime in conjunction with Firefox.
The vulnerability allows an attacker to use a specially crafted QuickTime object to launch the default browser within Windows. This implies that the initial vulnerability resides within QuickTime, and is supported by the following:
... QuickTime Media-Link files contain a qtnext attribute that could be used on Windows systems to launch the default browser ... This vulnerability is compounded, however, by the ability to launch the browser with arbitrary command line options. For example, an attacker could theoretically launch an instance of Firefox (presuming it was the default browser) and use the
-chrome switch to execute scripts that could spoof a browser user interface. For example, portions of the real Firefox interface could be hidden and a counterfeit section rendered, in conjunction with a cloned web page that shows
https://signin.ebay.com/ws/eBayISAPI.dll?SignIn when in reality the person is really logging into
http://www.my-identity-theft-site.tld The ability to execute scripts from the command line was probably a feature, at least initially, but when the ramifications became clearer MFSA 2007-23 was issued and the capability removed. QuickTime bypasses this fix.
It is very likely that the code to execute said scrips exists in most, if not all, Firefox 2.0.0.6/operating system combinations.
It's the hole in QuickTime that makes the hole in Firefox more easily exploitable. On Linux this point is moot, since Apple has not yet released an official version of QuickTime for Linux.
-
Re:Outdated Firefox?
as I said, that vulnerability does not affect Linux. See the advisory, http://www.mozilla.org/security/announce/2007/mfsa2007-28.html : "On his blog Petko D. Petkov reported that QuickTime Media-Link files contain a qtnext attribute that could be used on Windows systems to launch the default browser with arbitrary command-line options." (my emphasis)
-
Re:Outdated Firefox?
Well, surely it will be available from the package manager as an update, since 2.0.0.7 addresses a critical security vulnerability. http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.7
-
Re:Still good...
Thanks for the clarification!
...and for others who are more interested in Mozilla's licensing schemes (like I was after reading your post about it being tri-licensed) I think http://www.mozilla.org/MPL/ sums it up nicely. (though your link is helpful as well)
-
Re:is webmail to blame
1. mozilla.org is adding "content handling" which should ddress this http://wiki.mozilla.org/Firefox3/Product_Requirements_Document#Content_handling
2. webrunner solves this, http://wiki.mozilla.org/WebRunner
3. googlegears, http://gears.google.com/ or whatwg's offline support http://www.whatwg.org/specs/web-apps/current-work/#offline will provide some stuff for this. there's also some discussion on whatwg of adding general local file apis (although i think it's generally assumed to be for reading/importing, not for storage/exporting, but i haven't checked carefully)
4. this is mostly a function of 3. as it happens, in theory for very large attachments the reverse is also true, if you get lots of large attachments you don't want, you have to wait for them to download before you can get your mail, whereas a good web mail client can incrementally transfer attachment content (see gmail integration w/ docs.google)
5. you clearly trust your ISP, its neighbors, etc.
6. hrm, you must have found a really good email client, which one? most of the real clients I've found have bad UE in various areas. Certainly I can easily name problems w/ Outlook, Outlook Express, Eudora (classic), Mail.app, Evolution, M2. If your client isn't one of these, find me, and let me try it. I have a mailbox I haven't been able to open for a couple of years (it's literally too big, the UE for any client that fails to open this is well,... generally not impressive... that's my executive summary :). Oh, Thunderbird/Eudora/SeaMonkey, I used SeaMonkey until it stopped being able to open the mailbox, I can certainly come up w/ UE gaps for them if necessary (although I haven't used Eudora yet). -
Re:is webmail to blame
1. mozilla.org is adding "content handling" which should ddress this http://wiki.mozilla.org/Firefox3/Product_Requirements_Document#Content_handling
2. webrunner solves this, http://wiki.mozilla.org/WebRunner
3. googlegears, http://gears.google.com/ or whatwg's offline support http://www.whatwg.org/specs/web-apps/current-work/#offline will provide some stuff for this. there's also some discussion on whatwg of adding general local file apis (although i think it's generally assumed to be for reading/importing, not for storage/exporting, but i haven't checked carefully)
4. this is mostly a function of 3. as it happens, in theory for very large attachments the reverse is also true, if you get lots of large attachments you don't want, you have to wait for them to download before you can get your mail, whereas a good web mail client can incrementally transfer attachment content (see gmail integration w/ docs.google)
5. you clearly trust your ISP, its neighbors, etc.
6. hrm, you must have found a really good email client, which one? most of the real clients I've found have bad UE in various areas. Certainly I can easily name problems w/ Outlook, Outlook Express, Eudora (classic), Mail.app, Evolution, M2. If your client isn't one of these, find me, and let me try it. I have a mailbox I haven't been able to open for a couple of years (it's literally too big, the UE for any client that fails to open this is well,... generally not impressive... that's my executive summary :). Oh, Thunderbird/Eudora/SeaMonkey, I used SeaMonkey until it stopped being able to open the mailbox, I can certainly come up w/ UE gaps for them if necessary (although I haven't used Eudora yet). -
Re:Still good...
Mozilla software is tri-licensed under the GPL, the MPL and the LGPL. So, develeopers are free to use the GPL and create extensions licensed under the GPL as well.
http://www.mozilla.org/projects/calendar/sunbird/ -
Lightning anyone?
I remain a bit unconvinced that calendaring should be built into a mail client as standard, but that's exactly why there's extensions available for Thunderbird for the (I suspect minority) who need such a calendaring feature. I'll point you to the Lightning download page: a calendar Thunderbird extension (based on Sunbird) no less. Yes, it's numbered 0.5 at the moment (and there's a 0.7RC1 which you can try if you need newer features), but it's been developed for more than 18 months now and is fairly usable.
-
Re:key fact missing
And Mozilla's Eudora is Thunderbird + the Penelope Plugin, I thought: http://wiki.mozilla.org/Penelope
-
Re:Well, it kind of shows in the code...
Not sure if you're aware but there is a Thunderbird project called Penelope for those Eudora users stuck by Qualcomm's decision to discontinue the product. I haven't tried the Eudora importers, though...
-
Uh, here's your sign
With apologies to Bill Engvall.
How hard is it to click the Bugzilla entry? -
Re:With ies4linux? A couple minutesAlmost like that....except it has to be an Xbox360, the Xbox wouldnt pick it up - thats the only way I got it to work. Some College websites require IE and only IE....IE4Linux saves the hassle of windows. I can relate with you there, but wouldn't a simple plugin like User Agent Switcher for Firefox work for you? It could fool a website into thinking that you're running IE, and I'm pretty sure that's all you'd need, because as far as I know, getting ActiveX to work under linux, even with IE4Linux, is a pain in the ass, and there's no guarantee that it'll work every time.
-
Re:Streaming (!= Copy protection)
-
Re:Control, Data mining, Money
Flashblock https://addons.mozilla.org/en-US/firefox/addon/433
and while I'm at it I mentioned Video Downloader in a previous post
https://addons.mozilla.org/en-US/firefox/addon/2390
It downloads the videos for you.
Not affiliated with either... -
Re:Control, Data mining, Money
Flashblock https://addons.mozilla.org/en-US/firefox/addon/433
and while I'm at it I mentioned Video Downloader in a previous post
https://addons.mozilla.org/en-US/firefox/addon/2390
It downloads the videos for you.
Not affiliated with either... -
Re:They don't have to be
Flashblock https://addons.mozilla.org/en-US/firefox/addon/433
and while I'm at it I mentioned Video Downloader in a previous post
https://addons.mozilla.org/en-US/firefox/addon/2390
It downloads the videos for you.
Not affiliated with either... -
Re:They don't have to be
Flashblock https://addons.mozilla.org/en-US/firefox/addon/433
and while I'm at it I mentioned Video Downloader in a previous post
https://addons.mozilla.org/en-US/firefox/addon/2390
It downloads the videos for you.
Not affiliated with either... -
meta refresh
I read the story with interest as something like this happened to me the other day. It didn't even occur to me that Google had been hacked. I figured the original site had been compromised. A hacked web site can be defaced for shits and giggles, obviously, but it could also have a meta refresh tag added to send the browser off to wherever the defacer wants. With the security hole history of most CMS systems out there, I'm surprised that doesn't happen more often.
It looks like Firefox 3 will allow disabling of meta refresh.
The Firefox NoScript extension might be worth considering as well.
-
Re:This is Idiotware
The best thing they could do, IMO, is to render every URL in the address bar with the domain in red BOLD letters.
Take a look at Locationbar2, it's going to be included by default in Firefox 3. -
Oh joy.
Why does this need to be included by default? Am I the only one who finds the anti-phishing stuff to be annoying? Fine, some people want it, make a plugin or an extension, but stop adding tangential stuff to the codebase! Adding a piece of "functionality" to a web browser that does a name check on every website you load is bound to add a huge chunk of overhead.
Am I the only one who remembers The Kitchen Sink? Adding stuff like this into a pure vanilla install is ridiculous. I don't care if they want to make a "secure" version with plugins already installed and enabled, but don't make it a part of the -
Re:Oh no!
Hmmm. How old are you, number 90981 and what do you do and what are you doing on
/.? Ever programmed in Assembler or have done any computational analysis whatsoever?
Check this out, 0x20 (that's hex) is 32 decimal, it is the number used in ASCII to represent a single space.
And I didn't even have to use LeetKey for it. -
Re:An act of balance
You know, I don't see the big deal. I've got less than a gig of ram. I frequently open more than 40 tabs in one firefox sitting. I run firefox for a week or more at a time before I restart it. When I do it's mostly just because I want to get rid of all those tabs that accumulate. (somehow there's no "close all tabs" function.)
I'm also one us us apparently lucky that aren't seeing much of memory leaking; my sessions rarely use more than a couple of hundred megs, despite a large number of tabs. What usually forces me to restart the browser is the awful browser-eating bug 263160, which many of my friends seem to never encounter, but for me it's more or less a weekly nuisace
:( -
I've given up on Mozilla.
I've forgiven them time and time again for screwing up.
First it was the MNG/JNG farce - you have to see this for yourself to believe it. 5 years (!!) of making up bullshit excuses later they dump an inferior, crippled "replacement" format in the browser to force everyone to give up.
I won't comment on their side project to make a faster, smaller, less bloated browser... you can all see what a success that's been.
Now for some reason despite all the times the mozilla people have done this -- much more than the two examples I've mentioned -- I was still using Firefox last month. Then it broke spectacularly on me (which was to be expected given it was a CVS build), so I load 2.0 up again and I realise half the extensions I have installed in it are to fix bugs and security holes it shouldn't have in the first place. I can name Noscript and Long Titles off the top of my head. I realised there was no reason to keep using this crap just like there was no reason to keep using windows.
Memory leaks aren't Firefox's biggest problem -- it's the inmates running the asylum that is. Until that's fixed, I'll be using Konqueror. (if you want to know why I won't use opera, substitute developers for users) -
Javascript engine Tamarin will use conservative GC
Won't the number of memory leaks in Mozilla increase in Mozilla when Tamarin/MMgc is introduced due to the number of false positives? Anyone know why they aren't using a precise garbage collector?
-
Re:Might as Well Fix Javascript Too
It's being worked on. See http://www.mozilla.org/projects/tamarin/
-
Re:C++ long-in-the-tooth?
XUL is inherently single-threaded and JavaScript based. Try out any XUL application out there and you'll see how you get the same poor performance, speed and resource usage as with Firefox (try Miro Player and Joost).
...
Actually I'm pretty sure they're in denial as to the cause of their problems. Announcing they're working on fixing "memory leaks" just supports their ability to continue their delusion.
They're not in denial. They're working on tamarin, a replacement/upgrade of their javascript engine based on the same engine that's in flash 9 / actionscript 3.
Tamarin will run javascript 2, which will to do javascript what the move from actionscript 2 to 3 did for flash/flex. In short: it will make non-toy applications easily done, instead of just marginally feasible. They plan to migrate the firefox UI and extensions to javascript 2, which should negate the performance issues. Only problem: it won't be ready for FF3. -
Re:C++ long-in-the-tooth?
I agree with all of your comments about not wasting computing resources, but I'm not sure they are apropos. Firefox is not written in Java. Firefox is written in C++.
-
Re:Please stop the ads
My almost ad free life
I use
- Adblock Plus for web ads
- Sirius satellite radio to get rid of radio ads.
- fast forward/skip the ads for tv.
-
If you run Firefox, install NoScript plugin
According to the article, exploint uses Cross-site scripting, also known as XSS. There is a firefox plugin called NoScript that limits cross site scripts. The article points you to http://noscript.net/features#xss which describes the anti-XSS protection of noscript. The noscript pages suggests that you only load firefox plugins from addons.mozilla.org and sends you to https://addons.mozilla.org/en-US/firefox/addon/722 where you can download noscript.
-
For firefox users...
"If this exploit goes wild, it could cause some serious problems, as PDFs are usually automatically opened from web browsers and widely used and trusted by corporate users."
If you are using firefox, there is a simple way around this. Just install the PDF download add-on, its also helps avoid the problems involving the embedded PDF plugin crashing your browser.
-
Re:Target Market
Flashblock absolutely does have a whitelist. In fact you can just right-click the blocked flash icon and select "Allow Flash from this site". For your convenience.
-
Re:Target Market
Instead of Noscript and FlashBlock, I use Mozilla Firefox, Portable Edition and install the IE View Lite extension (among others, like AdBlock Plus). By default, there's no Flash plugin in this version of Firefox, so everything is just fine and dandy. When I need to view a page that has Flash (for me, specifically, that's a handful of sites, like YouTube), I just use IE View Lite to open that single page or link in Internet Explorer.
-
Re:Target Market
So you dig through
.dll files and rename them to create a dirty hack to disable flash (and of course restart your browser every time you want to see the flash, and restart it again when you're done), instead of just installing one elegant extension with one-click flash viewing and whitelisting capabilities?
Sheesh. -
Google: Do evil if it pays?
Google: Do no evil.
is now changed to, "We want to be like the U.S. government."
Google: Do evil if it pays more.
In my opinion, this is the beginning of the end for Google, as the founders lose touch with reality and fly around in their huge corporate jets. If you want responsibility, don't depend on a billionaire to do the work.
Eventually, there will be a new search engine with no Flash ads, and everyone will use that. Eventually, people will say, "Google? What's that?"
The new profit-making Mozilla will probably try to get the U.S. government to ban NoScript and AdBlock Plus and FlashBlock.
The problem with ads is not that I don't like advertising. The problem with ads is that they are nearly always stupid in some way. Some of the ads IBM ran on Slashdot were more than stupid, they were embarassing.
Mostly, ads are written by people with absolutely NO interest in the product they are selling. I'm guessing that more than 50% of ads include at least some dishonesty. It is the ad makers that have given advertising a bad name.
Larry Page and Sergey Brin, your usefulness to the world is coming to an end. Please find someone to carry on your original vision, and retire. -
Flashblock is great
-
Re:FTFA
Firefox won't fix bugs that are pretty core to technologies. The big reason they won't fix it seems to be because they'd have to redesign a large chunk of their xslt processing. It's defective by design and they have no intention of fixing it. It's not a Microsoft thing, it's a software in general thing.
-
Re:$3 Million is not enough
The Mozilla Foundation started with ~$2,300,000 ($2 million from AOL and $300,000 from Mitch Kapor) and they've done alright.
-
Mozilla is actually dumping its email client
What is actually happening - the way I see it - is that Mozilla (corporation/foundation) is finally abandoning its mail&news client formally. In practice this has been true for years - the number of mail&news developers is currently 2, compared to about... 150 IIRC people working on the browser (although this includes people working on joint core code, such as XPCOM, NSPR, necko, XUL, etc).
In recent years Mozilla is being bankrolled by Google: The choice of Google as the default search engine in Firefox means added revenue of > $5 Billion a year. Google has been paying back with some drops from that bucket - a few tens of Millions a year, see e.g. here (NY Times).
It seems to me (as an outsider and an occasional Thunderbird/Seamonkey extension developer) that effectively means that Google's interests have become, and will be from now paramount in Mozilla's policy. Now, if you're Google, you would be more interested in developing and expanding the use of a browser rather than a fast, modern, full-featured and easily extensible mail and newsgroups client (which I feel Thunderbird is _not_yet_, unfortunately) - this would mean people will tend not to use your webmail system and your web interface for newsgroups. This is bad for you, since you'll be seeing less ad revenue, you'll be able to collect a lot less useful marketing information about users, and your efforts to centralize users' Internet experience around services-servers-content which you control or are involved in will be impeded. So, obviously, you will want the money you donate to Mozilla - which should have 'rightfully' been divided differently (say, at least 25% for e-mail and news work - and that's being modest and not making 'affirmative action' demands).
Now you just need to spin this somehow, e.g. like this. -
Adblock
So it's ad-supported? https://addons.mozilla.org/en-US/firefox/addon/10 FTW
-
Re:Where does that leave the standardization proceMuch more likely: you're just not from America, and use a nonstandard "Trillion." (This is a US site, default to US measurements or state otherwise, please.) This is an international site, so I will happily stick to universally accepted standard units like the "real" trillion (a quadrillion for you), celsius, 24 hours format and meters. For non-standard folks there is still this fine Firefox extension.
-
Re:logging firewall and TALKINGSo far my kids are 4 and 6. I just use Mac OS X parental controls and they can only visit the sites I book mark for them in Safari. They can't get to getfirefox.com to download it, so problem solved for that.
Yep. You solved that one.
There are more.
And they can all be installed by drag/drop into a home directory.
Nice shooting, soldier!
qz
-
Stripping license terms is often suggested
Obviously stripping copyright is wrong and stripping out license terms is wrong in this case, if it was not allowed for, but often multiple licenses instruct you to strip out the inapplicable licenses to avoid just this sort of confusion.
-
Re:Well...
While not on topic, this seems like a good time to link to the It's All Text! extension to Firefox. It adds a tiny button below all text areas on web pages. Click it, and you get to edit the text in your favorite text editor. The text is loaded automatically when you save (flashes the text area too, so you know something has happened). It is extremely good.
And to be on topic: this stuff is hardly new, but it will likely be something that people will use in the future. Google has that office suite that seemed to be somewhat popular for different reasons -- integrating many of these webapps into one unified GUI seems like a logical next step. -
Re:Help Me!
I hear ya! My distro of choice is Novell openSUSE 10.2, which is very easy to set up and use, though I had to remove zmd to get efficient updates with opensuse-updater (the upcoming 10.3 doesn't install zmd by default). IMHO, Novell openSUSE 10.2 is an order of magnitude easier to set up and use than Ubuntu, though the
/. community in general has taken an anti-Novell stance due to its patent cross licensing agreement with Microsoft (which is funny, considering how /. loves Apple despite Apple's numerous patent and technology cross licensing agreements with Microsoft, but I digress).
I've been able to "convert" two people at work from Windows XP to openSUSE 10.2 based on its merits and ease of use. Ubuntu will hopefully get to a similar position from a technical perspective, but IMHO at this time, Novell openSUSE 10.2 is already there, and Novell has committed themselves to making SUSE Linux a world-class desktop operating system.
From your post, here is what openSUSE 10.2 and likely other distros can offer:
- Browser: Firefox, Konqueror, Mozilla Seamonkey, Opera, and IEs4Linux (I use IEs4Linux to access Outlook Web Access's calendar at work, since I use Thunderbird for my email. I'm looking forward to an Exchange plug-in for Mozilla Lighning)
- Email: Thunderbird (yay! I'm also writing a Salesforce.com extension for it called Thunderforce), Evolution (I actually despise it, though I also don't like Outlook's interface. To each, their own.. Don't bother with the Exchange connector; it's slow and crashes often), KMail, and others
- Quicken 2008 might be tricky. Quicken 2007 appears to work to an extent, but it might have issues, which is probably not good for an accounting package
- GnuCash is a possible replacement for Quicken, though it's more like QuickBooks than Quicken. For a personal finance look and feel, KMyMoney might be the better way to go, though some time might need to be invested in the conversion process. Converting from Quicken Mac 2004 to KMyMoney was not seamless for me, but I haven't gone back and fixed the errors in the import configuration that I used and tried again. If you do the GnuCash approach, then you can use my GnuCashToQIF program to export back to Quicken in case if you want to go back to it or if you need to export your data to an accountant, either as QIF or IIF. I have an old Mac at home that I'm moving away from, though I'm still using Quicken and iTunes on it
- Novell's version of OpenOffice includes extensive support for Excel macros, so it's worth trying out. It might address all of your Excel needs. As a nice bonus, OpenOffice uses a single-document interface (SDI) instead of a multiple-document interface (MDI), permitting you to have two or more separate top-level spreadsheet windows side-by-side or on different monitors. Excel is MDI, though it does create a top-level start menu button for each open document, essentially faking SDI, but it's really MDI. You could enlarge Excel to span multiple monitors and have your MDI windows not maximized, but that breaks down if you have one monitor portrait and the other one landscape. If you really, really need Excel, then it appears to be well supported by CrossOver Office
- Visual Studio 2005 is a tough one because MonoDevelop might not include all the features that you may be accustomed to. It does implement a lot, but it's probably not a drop-in replacement yet. -
Re:adblock subscriptionSo you block ALL ads, reducing the incentive for publishers to prefer less annoying ads.
It is far better to block just annoying ads (animations etc), thereby making less annoying ads (e.g. text ads) comparatively more profitable.
I find the best thing is to use Flashblock: almost all the really annoying ads use Flash.