Two Major Ad Networks Found Serving Malware

Trailrunner7 writes "Two major online ad networks — DoubleClick and MSN — were serving malware via drive-by download exploits over the last week, experts say, after a group of attackers was able to trick the networks into displaying their ads by impersonating an online advertising provider. The scheme involved a group of attackers who registered a domain that was one letter away from that of ADShuffle.com, an online advertising technology firm. The attackers then used the fake domain — ADShufffle.com — to dupe the advertising networks into serving their malicious banner ads. The ads used various exploits to install malware on victims' PCs through drive-by downloads, according to information compiled by security vendor Armorize."

Of course!

[MadUndergrad]

What do you expect from a company called "Doubelclick"? I bet Googel tampers with their search results too.

Re:Of course!

[oliverthered]

umm... not in violation of one click shopping patents?

Re:I've seen stuff coming from MSN for quite somet

[SpacePunk]

I doubt they check the scripts before they are put up for rotation, and this is their chance to find a scapegoat. As long as they get paid, I doubt they care to check.

Noscript wins again

[wizardforce]

One more example of why ad blocking has its security benefits. What's worse is that doubleclick and friends are used by pretty much every site out there including Slashdot. It's a shame that although a lot of people would be willing to support sites like Slashdot allowing a few ads to load occasionally; doubleclick just isn't trustworthy enough to allow that.

Re:Noscript wins again

[cappp]

And this is why I blanket block all ads on all sites. It's an incrediably blunt instrument, but its the only way to avoid this kind of thing apparantly.

What sucks is that I'd actually like to support the sites I frequently visit, and ad views clearly have a significant effect on their various bottom lines, but I just can't justify exposing myself to whatever that week's ad-based crazy shit danger happens to be. It's similar to how I feel about porn sites - the responsible part of my wants to subscribe and send them a little cash for the assistance rendered by their presentation of jiggly bits being jiggly...but that same responsible part is also well aware that any kind of commercial interaction with said pornographers has a suspicious way of going horribly wrong.

So now I find myself chosing between doing that right thing - supporting the services I use - and the secure thing. And as it happens, the secure thing wins out.

Re:Noscript wins again

[icebike]

Agreed.

I use OpenDNS to block doubleclick but they have a lot of domains they serve under in addition to their own.

I don't begrudge the advertising, I've even been known to click on it occasionally if it interests me. And I don't worry too much about the malware, running Linux and tight filters. But a few jerks like ADShufffle.com screw over all the advertiser. And I wager nothing at all happens to them.

Re:Noscript wins again

[Jah-Wren+Ryel]

What sucks is that I'd actually like to support the sites I frequently visit, and ad views clearly have a significant effect on their various bottom lines,

Ad views have become the defacto micropayment system. If we had an alternative, sites wouldn't have to be dependent on privacy-invasive and security-breaking ad systems. I'm sure that many would anyway, but they would at least have other options.

but that same responsible part is also well aware that any kind of commercial interaction with said pornographers has a suspicious way of going horribly wrong.

Micropayments could solve that problem too - anonymous microcash would be almost completely immune to the kind of abuses that you are avoiding.

Re:Noscript wins again

[symbolset]

You can subscribe to many sites like slashdot, and pay them directly.

Re:Noscript wins again

[CosmeticLobotamy]

A "push" credit card transaction would also solve those problems. Why is it that I can only pay for something by giving my entire credit balance to someone and trusting them to give me back everything but what their invoice says? Why can't I say, "Hey, MasterCard, give this guy $50." He gets an email, his automatic email-getting-password-sender-outer tells me how to get to his jiggly bits. ... I mean, the jiggly bits he has video of, not the ones between his pockets.

Re:Noscript wins again

[Karellen]

I use a debit card for online transactions. It has its own separate bank account, with no overdraft or other type of negative balance facility. When I want to buy something online, I get to the checkout page, see how much the total is, use online banking to transfer just enough money into the account from my main account to cover the cost, and then proceed with the purchase. If a retailer tries to take too much, or tries to take payment twice, or if the card number is compromised and is used fraudulently, payment requests just bounce with an "insufficient funds" error.

I think I might get charged for payment bounces, but however much that is is probably going to be less than the value of the invalid payments. And the people messing about get nothing from it.

Re:Noscript wins again

[hairyfeet]

As a PC repair guy with waaaay too many click happy customers I'd say your best bets in the free AV category are MS Essentials and Comodo AV. In my experience thanks to its auto sandboxing of all apps unless told otherwise Comodo is a little better protection, but of course as with most of the "smart" AVs it has a bit of a learning curve, and will ask you questions for about a week until you've launched all your daily apps. Nice thing is it has built in limited whitelists with core Windows system behaviors so it don't bug you when Windows is doing what it is supposed to be doing, like scheduled tasks. MS Essentials doesn't ask you squat and is pretty unobtrusive but I wouldn't recommend it for those that are click happy or go to dodgy sites because of its lack of sandboxing and registry virtualization so if anything does manage to get past it your borked. But it does have a good detection rate and is a hell of a lot less bloated and buggy than AVG.

As for TFA this is why I install Firefox with ABP on every customer's PC and show them how easy it is to use. by having them block ads I've found their rates of return because of infection dropped by a good 80%. While I understand that sites like /. need to make money, having their PCs turned into a zombie or having their CC stolen by a keylogger simply makes ads too risky at this point in time. It is as I said that JavaScript is becoming just as big a vector of infection as ActiveX ever was. I'm sure that we'll look back in 5 to 10 years and go "WTF were we thinking?" with JavaScript just as we do with ActiveX now. Trusting third party code served up from some ad bunch with no control over content or risk is just a bad way for a site to do business. If they are gonna serve ads than maybe we should go back to simple text and picture ads which don't require code to run.

Re:Noscript wins again

[Flixie]

Flattr is on it... http://flattr.com/ From their blog http://blog.flattr.net/2010/12/claiming-content/: "Wouldn’t it be wonderful if Flattr could figure out that you own a piece of content and automatically let others flattr it, without you doing anything? "

Re:Noscript wins again

[oobayly]

Well I thought I was running a properly configured box. Everything up to date, not using IE etc. Clicked on a link and got a Google warning about the sit. Fine I thought, I'll use the get me out of here button and suddenly I'm being bombarded by AV warnings. Noticed a Java console icon in the Systray, so that was how it arrived. What was unbelievable was that within seconds every HTML doc was infected with fucking vbscript.
I gave up on windows for home use there and then and now use Linux full time (instead of occasionally), and just windows for .net stuff.
As an aside, time to install Ubuntu, about 40 minutes. Time to install XP (from slipstreamed SP3 CD), half a fucking day including a call to India to ask for an OEM number that fucking worked. None of the driver bullshit either.

Re:Noscript wins again

[KiloByte]

In most of the world there is a thing called "bank transfer". For most transactions it is even free. All you need is to know the recipient's account number, which is published by everyone interesting in receiving non-cash payments.

Re:Noscript wins again

[Bert64]

Be careful with that, even tho you have no formal overdraft facility some banks will give you an "unarranged overdraft" and charge you stupid fees for it...
I used to use a card with an extremely low credit limit for online purchases, until i found that the credit limit isn't the limit that you can spend, its just the limit that you can spend without being charged extra fees.

Re:Noscript wins again

[Ecuador]

You think that is smart eh? Oh, boy, are you in for a suprise!
Using debit cards to be "safer" is the worst idea possible. All credit cards have fraud protection. If someone uses it fraudulently, as long as you catch it within a couple of months, you are not responsible for paying it. When you give your credit card number to someone you are giving access to your credit line, provided by your bank, not your money directly, and when they charge your card they won't draw money from you, they will post a charge for which they will get paid later by the bank and you will be asked to pay for it.
Now, if you give your debit card, you are giving your bank account. A transaction draws money from your account immediately, good luck trying to reverse that later, I mean it is YOUR money gone, not the bank's money. Then, the fact that you don't have overdraft protection does not mean much. First of all you will have the bounce fee. Secondly, there have been many instances where banks go ahead and honor the overdrawing (it has happened to me once, they charged both the fee AND overdrew the account, it was either Wacovia or Chase...) and when you ask them about it they say "because you are a good customer our system allowed it".
There are of course many other reasons for using a credit card. For example you get extended warranty (AMEX doubles 1-year warranties), cashback etc.
If you want to be secure there are virtual account numbers that many CC provide. Some of them can be set with a pre-set limit. But be careful, similar to a bank account there are times where the bank will still honor going over the limit. The difference is, you will NOT have paid it with your money. You will receive a bill showing the fraud and you will file for it to be cleared. It has happened to me a couple of times and I shudder at the thought of that being my debit card...

Re:Noscript wins again

[edgr]

Most of the big banks in Sweden allow you to create a temporary (virtual) credit card with a specified limit and expiry date. You type the credit limit and expiry in, push a button and it spits out a new mastercard number. At least one bank (Swedbank, one of the largest in Scandinavia) requires this kind of card for all online transactions.

Re:Noscript wins again

[Ecuador]

You are not bad on the insulting department. Not great on the how things work department though, but with that attitude you can't possibly be helped.

Just so we are clear, originally I did not think you were dumb. My tone was aiming to make it clear to you and to other people that debit cards are a bad idea regardless how well you think you have thought things through. In my second favorite forum (FW Finance) I have read so many stories about how people have gotten screwed, it is not even funny. For example, do you know that debit card transactions are processed by the end of the day in an order the Bank decides? What do you think will happen with a fraudulent charge the same day as a legit purchase? Also, did you know that normally a merchant asks for authorization before putting a charge through (and gets declined in your case if you don't have funds), but at least the VISA network also allows charges WITHOUT authorization (and think whether a fraudster will ask for authorization)? That was probably how I got a negative charge on an account that had no overdrawing and if you think a negative balance on your bank account does not mean that is your money missing, you are sadly mistaken.
  Anyway, I at least hope you don't use a really bad (customer-friendly-wise) bank (like, say, BofA).
And to re-iterate, no, I did not think you were dumb, but you did come out as a douche with your second post.

Re:Noscript wins again

[hairyfeet]

Maybe your bank just sucks? I never worry about using my debit online because if a retailer double dips or pulls any other shit I just walk into the bank and say "I ordered something online and they overcharged me" and the girl behind the counter goes "Oh don't you just HATE that? It happened to my husband last month!" and she types on the keyboard for a minute and then says "There you go, it'll take about an hour for the system to update and then your money will be back. Have a nice day!" and that's it. One of the nice things about sticking with a small bank over supermegabank.

As for TFA? Sites can scream about going broke but it is their own damned fault. You want us to pay for your content by opening us to to a possible infection or CC fraud via a keylogger just because you want to outsource your ads to some third party? Then don't be surprised when we block your ass en mass. I've cut my customers repeat infection rate a good 80% by switching them to Firefox with ABP, and from talking to other local shops most are doing the same. JavaScript is becoming another ActiveX and sandboxing is just putting band aids on a bullet wound.

If we are gonna allow third party code from just anywhere with NO oversight to run then perhaps we need to toss JavaScript and start over with a new language designed from the ground up for security. Or even better ban third party ad servers from using JavaScript and go back to text and animated GIFs for ads. But until things change I think you'll continue to see more and more sites finding their ad revenue falling like a stone because the current model is simply too dangerous. When I can lower repeat infections by over 80% simply by blocking ads? Then the entire ad delivery system is broken.

Can't say I'm surprised...

[TestedDoughnut]

Ever since I've installed a host file (http://www.mvps.org/winhelp2002/hosts.htm) to redirect advertisers to my loopback, I haven't had any malware, spyware, or adware issues. I first started using the host file 5 years ago. With that in mind, I can't say I'm really all that surprised that advertisers would be the source of ad/spy/malware...

Re:Can't say I'm surprised...

[gmhowell]

Oh no, between you and the AC, you've mentioned HOSTS files twice. If you mention them a third time, the apk troll shows up, like a techno Candyman with Tourette's.

Re:Can't say I'm surprised...

[maxwell+demon]

Let me add one disadvantage of host files vs. AdBlock/NoScript & Co.:

The host file approach is completely unusable on machines where you have no root/admin access. And even on networks where you have root/admin access, but don't own the network and are not the one responsible for networking, you may get into troubles if you try to change host files. OTOH, Firefox plugins can be installed at the user level, without a need for root/admin access, and since user-installed plugins only affect the single user (i.e. you), they are much more likely to be accepted.

MSN sucks! This would never happen to Google!

Oh wait... Google's doubleclick got tricked too.... okay, nevermind.

  -The Anonymous Google Fanboy

Re:MSN sucks! This would never happen to Google!

[icebike]

Quote Story:

A spokesman for Google, which owns DoubleClick, told the IDG News Service that the malicious ads were only being served for a short amount of time, and that the company's own malware filters detected the ads, as well.

So, MSN was clueless. Google was merely slow to act.

coulda told ya

I could have told you that. I narrowed down the issue to MSN/Hotmail a couple days ago and was advising users to stay away for as long as possible/use adblock/noscript.

I've been dealing with removing this horseshit from end users pc's all week.

Something interesting I noticed was the malware authors were amateurs- they forgot to setup the fake HDD defrag malware to run at boot on any other user profile besides the one that was infected.

Made disinfection pretty easy...

Re:Praise for adblock

[Mashiki]

Queue people whining and crying that people are thieves and all that because they block ads. Sorry, but if you can't be sure you'll never serve malware. You'll never be allowed to serve ads which might infect my machine with something...nasty. Especially now that ransomware is starting to become the next trend.

Trust model

[Inf0phreak]

The trust model of online advertising is in my opinion fundamentally broken. A big part of the security model of the web is domain-based - e.g. the same origin policy - but this goes down the drain with third party ads hosted on yet another third party's server.

With online advertising it was for the first time possible to measure the effect of ad campaigns better than "how many saw it and did we sell more after it?" What did this bring us? "PUNCH THE MONKEY!", "LOOK AT THE BLINKING LIGHTS!", "BEEP BLOOP BEEEEEP!!!" and perhaps most insidiously it broke the domain-based model of trust on the web since everything had to be put on the advertising hosters' servers to deter click fraud and whatnot.

AdBlock doesn't just save you bandwidth and reduces the annoyance of browsing the web, it is also one of the best tools for avoiding drive-by malware from ads.

and sandbox

[__aaeuwj6541]

and sandboxes, and no script, and external firewall devices, and backup drive images from previous weeks

Adblock is not that great a protection on its own

Seen a few people say they use Adblock and all, which is fine, but if you recognize that an ad-server can be compromised, then why not any other web server you visit? How many things are you going to block before it makes the web safe? So many all websites are useless? That's why I found NoScript more annoying than not. Too often I was just saying yes to so much it wasn't really that much more secure.

Much better to have secure systems inside than walls trying to block everything.

Re:is there anyone left NOT running adblock?

[scdeimos]

Really, what kind of idiot to you have to be to run a machine configured like that these days?

How about 90% of the people on the internet, those who are in the "mom and pop" or "poor student" class of user and don't actually know anything about computers except for turning them on and off, and double-clicking the Outlook Express and Internet Explorer icons.

There really should be a license requirement for using computers on the internet - you don't let unlicensed drivers on the road, do you?

Anti virus isn't totally useless

[countertrolling]

My MS messenger has been setting off the anti-virus alarms for several months now. They come in through the ads at the bottom of the main window.

Solution

[Lucky75]

For the very few oblivious people (esp on /.), here's your solution: Adblock

It's really just one more reason for me to not feel guilty about blocking ads. Sometimes I click on ads from sites which I trust and wish to support, but other than that, the hell with them.

Re:Adblock is not that great a protection on its o

[sirsnork]

Because it's not the web server being comprimised per say. It's the Ad network either being fooled, or willfully putting up exploit code rather than any sort of hack going on. Also considering the turnover of data/files on an ad networks servers, it's much harder for them to keep this from happening

Re:Praise for adblock

[Deathlizard]

Let em whine. I'm sorry, These ad firms put themselves into this mess.

The day ad firms decided to allow advertisers to use Flash and JavaScript in their advertisements is the day I started blocking them. Seriously, What was wrong with simple images and text? Was the monkey way too easy to punch or something?

Re:is there anyone left NOT running adblock?

[Push+Latency]

Don't forget the folks who believe it's morally wrong to block ads. I had a long conversation with a college professor of programming who believes that quite strongly.

Re:is there anyone left NOT running adblock?

[countertrolling]

There really should be a license requirement for using computers on the internet

No way! Next you'll be demanding sobriety checks. So let's just nip that dumb idea in the bud, shall we?

When the fuck will ad networks learn?

[mysidia]

ad network should serve the images/text and a link URL, nothing more

stop letting advertising providers provide custom HTML and remote-load scripts/images into ads

Re:When the fuck will ad networks learn?

[jack2000]

Some one should put an option in firefox( a native option mind you not a whole extension) that basically says break third party javascript. We'll see who wins the damn war then.

And if sites start puting bullshit javascript on the main domains then fuck em.

Re:When the fuck will ad networks learn?

[jimicus]

Your idea, while clever, isn't going to solve the problem. Javascript will just wind up being pulled in at the server side rather than through <script src="http://dooberidooberidoo....">

The problem is a combination of idiot ideas concerning computer security. Read something like "The Six Dumbest Ideas in Computer History" some time - it's eye-opening and it explains a lot. In the case of web browsing and Javascript, you've essentially integrated four of those ideas into basic computer use.

For those who haven't time to read the article, I'll summarise the idiot ideas that have made it into web browsing:

1. Default Permit. Why on Earth is it the default for most web browsers to run every single little thing they download? It's completely insane - seriously, I can't think of a better way to transmit malware than to sit somebody at a computer and give them a nice easy way to download and automatically run every silly thing they can find, even if the only thing they will run is supposedly sandboxed.

2. Enumerating Badness. We tell ourselves that it's OK to do this, as long as the end user (if they must run Windows at all) does so with half-decent AV installed. But AV works by keeping a list of "things that are bad" and blocking them all - you know how long that list is these days? You only need one thing to slip the net and your system's 0wned anyway. It's the computer equivalent of having sex with every disease-ridden cheap whore you can find working the streets and hoping to Christ the condom never breaks. The bad thing only needs to be lucky once, you need to be lucky every time.

3. Penetrate and Patch. Today the issue is at the server end. Four days ago, the issue was in Firefox (latest release was on the 9th December, it fixes a number of security holes). Next week it might be in Adobe Reader or Chrome. Exactly when did it start making good sense to play whack-a-mole with security holes? You don't see them building high-security prisons out of temporary Portakabins and then tacking extra things on in a blind panic every time inmates escape, so why are so many pieces of software that are likely to be exposed to malware designed in exactly this way?

4. Educating users. Telling people not to click blindly on every ad doesn't work, as anyone who's ever done serious amounts of user support can attest. You always have some people who will click on everything that appears on their PC, if education was going to fix that it would have stopped being a problem years ago. There's a damn good reason why larger companies frequently lock their PCs down so thoroughly they may as well be dumb terminals, and it's not because the IT department is run by a bunch of power-thirsty mini-hitlers. It's because it's the only way to stop the helpdesk being overrun with people ringing in to say "I clicked on this attachment and now I've got everyone complaining that I emailed them a virus. I didn't!".

Re:When the fuck will ad networks learn?

[Phantom+Gremlin]

2. Enumerating Badness. ... But AV works by keeping a list of "things that are bad" and blocking them all - you know how long that list is these days? You only need one thing to slip the net and your system's 0wned anyway. It's the computer equivalent of having sex with every disease-ridden cheap whore you can find working the streets and hoping to Christ the condom never breaks. The bad thing only needs to be lucky once, you need to be lucky every time.

I'd like to rephrase your analogy a little:

I'd say it's the computer equivalent of encountering a random whore, checking a list of names of infected whores that you carry with you, and then deciding to have unprotected sex with this whore. After all, her name isn't on your list.

Unfortunately I didn't work on my rephrasing for long enough to completely maintain the spirit in which your original was written. E.g. I didn't include the colorfully descriptive phrase "disease-ridden cheap whore". But you get the idea.

It's not just IE

[Anonymous+Brave+Guy]

The problem with IE is insecure defaults. A browser that allows auto-install by default is BROKEN.

People in glass houses, and all that.

The only time any PC I run has been compromised to my knowledge was a relatively recent drive-by download via a Java applet. The machine was running Firefox, and both it and the Java VM were fully patched. The machine was also behind a properly configured firewall, and running up-to-date anti-virus software and assorted security/privacy plug-ins in the browser. Unfortunately, none of that helps if you get hit by a zero-day exploit. Also unfortunately, I hadn't yet found where they moved the "enable/disable Java" functionality in Firefox 3.6, not that knowing that would have helped me much, because some tools I need for work actually do use Java applets and therefore the related plug-ins anyway.

BTW, I had just started browsing social news sites like Slashdot, opening a handful of tabs to normally reputable sites to read the articles (yes, really, some of us actually do). I'm pretty sure I got hit via either a third party source that AdBlock missed or a compromised comment on a blog post.

In any case, please don't kid yourself that this is only a problem for dumb Windows/IE users surfing for warez/pr0n/whatever. Just because you're running Linux instead of Windows, or Firefox/Chrome/Opera/whatever instead of IE, or visiting legitimate sites that are themselves not going to attack your system, that doesn't mean you're somehow immune. It just means you're a less likely target. Pride comes before the fall.

Re:It's not just IE

[maxwell+demon]

BTW, I had just started browsing social news sites like Slashdot, opening a handful of tabs to normally reputable sites to read the articles (yes, really, some of us actually do). I'm pretty sure I got hit via either a third party source that AdBlock missed or a compromised comment on a blog post.

A plugin which probably wouldn't have missed it (unless it comes directly from a site you explicitly surfed to, e.g. because the site became compromised) is RequestPolicy. It by default blocks any request from one site to another. However I have to admit that sometimes it can be quite some work to figure out what to enable to make the site work.
Oh, and NoScript can be configured to not allow Java applets by default, but only after explicit clicking, even from otherwise trusted sources. That way, you'll never get a Java applet running on drive-by, because you have to click every time to start the applet.

In any case, please don't kid yourself that this is only a problem for dumb Windows/IE users surfing for warez/pr0n/whatever. Just because you're running Linux instead of Windows, or Firefox/Chrome/Opera/whatever instead of IE, or visiting legitimate sites that are themselves not going to attack your system, that doesn't mean you're somehow immune. It just means you're a less likely target. Pride comes before the fall.

Yes, each of the measures doesn't make you immune. But each one reduces the probability of getting affected. At some point, the probability drops low enough that you can basically neglect it. That's not related to pride (I'm not at all proud for having to make extra effort to get a page display properly; also the reason I'm using Linux isn't related to pride, indeed not even to security, but simply to the fact that it works better for my needs; if I were a hardcore gamer, I'd probably use Windows).

Human factor?

[saikou]

I find it a bit odd that an extra "f" would have duped "the system". I believe what may have been happening is that human verification part of the equation could have been "hacked".

You create an account, you specify where the banner data lives, it gets submitted for an approval.

Except in this case whoever looked at the data saw "trusted" domain and figured everything is fine. Heck, the "fake" domain could have served an innocent javascript up until owners knew that banner got approved, then swapped out the script and off the drive-by script malware goes.

And then Google/Doubleclick detects bait-and-switch ("hey, we didn't approve this virus!") and it gets flagged.

Re:is there anyone left NOT running adblock?

[scdeimos]

Exhibit A: Beer Goggles for Gmail :)

This drive by thingy everyone is talking about

[Ismellpoop]

well its bullshit every time an add tried to install something the package manager won't open them. Shit I've tried every distro out there and I still can't open them up. What am I doing wrong can someone please help me. I really want to see all these cool things the rest of the world is experiencing.

Re:This drive by thingy everyone is talking about

[sorak]

well its bullshit every time an add tried to install something the package manager won't open them. Shit I've tried every distro out there and I still can't open them up. What am I doing wrong can someone please help me. I really want to see all these cool things the rest of the world is experiencing.

don't worry. I hear WINE is adding support for that.

Computers are a dying breed

This is exactly why iPad type "computers" are the coming thing. Locked down in a walled garden and simple to use. Few people *really* need a 'real' computer when a small "device" will do everything they need.

Re:Adblock is not that great a protection on its o

[rtfa-troll]

To expand on this; the job of an ad agency is to put you in touch with many groups who normally you wouldn't be in touch with. Preferably even groups who you wouldn't want to be in touch with. There's a differece between going to a place you trust which might be compromised and a bunch of such places having the chance to pay to get in touch with you.

Re:Praise for adblock

[Spad]

Cue.

I always wondered that acquisition

At the time Google bought DoubleClick, Google owned the advertisement network with the best reputation (Goolge AdWords/AdSense. Relevant, not-very-annoying text ads) and DoubleClick had perhaps the worst reputation (horrible flash banners, etc.) of them all. I couldn't understand why Google would buy that. Then again, these days Google is pretty horrible towards Ad publishers (closing or freezing accounts without offering any explanation, etc... If you aren't a big name, expect to get buttfucked by Google) while DoubleClick is decent-ish (they should really send their lawyers after dishonest advertisers more... But arguably that's the publisher's responsibility). So doubleclick screws the users but is good for the publishers, Google screws the publishers but is good for the users, both are pretty fine for advertisers. I guess it works out.

(Disclaimer: I work for an agency that does - among other internet related things - SEO, internet advertising and the like. I'm obviously not in any way assosciated with either of the companies unless you count the fact that we hold a number of Google certificates...)

Re:Praise for adblock

[Tom]

add animated GIFs to that list.

I started blocking ads when two things happened, pretty much simultaneously:

One, ad content took over a considerable part of the screen real estate and
two, ads started to distract from the actual content through animation, blinking, sound, etc.

I know advertisement is all about getting your attention, but it tries to do that in contexts where I don't want my attention diverted to something else. I don't mind advertisement on the WC or on the bus that much, it's not as if I had anything better to do there. But when I'm driving or browsing, I hate every single ad I encounter. Luckily, for browsing there is AdBlock.

And I don't like the whining, either. If you business model relies on ads, then your business model is broken. But if you absolutely want to give me ads, how about using text ads? I don't mind those, they are a ton less distracting, which greatly improves your chances of me actually clicking one instead of hating it.

No no, MSN is right on the ball

[SmallFurryCreature]

MS for the security holes, MSN for the exploits. One stop shopping! We have you rooted the fastest! Where do you want someone to make you go today!

Re:Ubuntu is the same as using a taxi

[MichaelSmith]

I think thats a 2CV.

This is why we need to go back to....

[toygeek]

88x31 and 468x60 animated GIF's.

I'm going to implement ad blocking at the router level at my house....

Re:is there anyone left NOT running adblock?

[RobertLTux]

and what i say to those people is
sure i will stop blocking ads when

1 every provider can certify under penalty of law that the ads being served are relevant safe to view and are less than 10% of the page content

2 everybody stops cramming 60% of a given page with various ads cross site links and widgets so that an article thats 4 paragraphs does not need to be on 8 pages because the content pane is smaller than a postit

3 everybody also stops doing videos for everything and actually writes articles (a video of a talking head should be replaced with what the talking head said)

Re:Ubuntu is the same as using a taxi

[DamonHD]

Thanks for the gratuitous rude stereotyping.

Damon

Re:is there anyone left NOT running adblock?

[Skater]

1 every provider can certify under penalty of law that the ads being served are relevant safe to view and are less than 10% of the page content

How did you decide on 10%? I was just thinking that the Simpsons episodes these days are about 22:30 long. That means about 25% of the 30 minute "content" is ads. I wonder what percentage of a magazine or newspaper are ads... 50%?

Re:is there anyone left NOT running adblock?

[SuricouRaven]

And 4) Even under these conditions, ads will remain blocked on any connection for which there is a fixed transfer limit and overuse charge. I'm thinking mostly of mobile phones and internet. Ads are huge. Due to their need to attract attention, the old GIF banner just doesn't cut it any more: Many ads now are interctive flash files with many component graphics, scripts and even audio embedded.

Re:Praise for adblock

[Tom]

But statistically, those annoying ads *work*. They wouldn't be used otherwise - I'm sure the advertising industry has done many studies of this.

Yes and no. Mind you, my marketing class has been more than 10 years ago, but I'm not sure if the basics have changed so much. True is that the marketing industry does invest a lot into research and studies. However, like in many other areas in business, that doesn't mean those results actually get applied. And while results of ad campaign get regularily checked, more often than not the results tell you whether it worked or not (i.e. sales increased) but not why. Which results in many, many legends that have no empirical support whatsoever, but a huge "nobody ever got fired for..." effect - basically, there are things you just do because if you don't and the campaign fails, everyone will blame it on you.

People will learn to just ignore unobtrusive advertising,

People are great at filtering out pretty much anything. It's just that the obtrusive stuff requires more subconscious processing power.

I don't know what comes next. Maybe sites in another year will start requiring users answer a simple question about the advert before they can access the content, to prove that attention really was paid.

Usually, things move in sinus-like waves. I don't know if we have reached the top yet, but I can hardly imagine how much worser it could get. So I imagine pretty soon things will start to move in the other direction, and we just may get the ad insanity under control again. Or things escalate further, until the counter-reaction is likewise strong and we will see a flat-out global ban on advertisement. Now that would be a sight to behold.

Re:I've seen stuff coming from MSN for quite somet

[mlts]

One of my honeypot VMs I use for Web browsing got hit by that when I was visiting a top named site.

In my experience, now that a lot of users are not just running executables willy-nilly, compromised ad networks serving up malicious pages to try to compromise browsers or add-ons is the #1 threat in my book.

To drive the point home, I use AdBlock on the main machine I use for Web browsing. I have yet to see a single script related to PC Antivirus. In reality, AdBlock provides more protection than most AV utilities, because once the Web browser is compromised, most AV utilities are completely useless in detecting and stopping that.

Re:Ipads are a dying breed

[mcgrew]

BadAnalogyGuy, is that you?

Trying to tell me that computers will be made safer by taking away their function is like trying to tell me that cars can be made safer by removing their ability to turn right

It's more like making cars sound an alarm if the seat belt's unbuckled. Yes, some people jailbreak this feature.

Re:I've seen stuff coming from MSN for quite somet

[Archangel+Michael]

THIS is why class action lawsuits against the offending malware serving companies needs to be instituted, starting at the biggest baddest adware serving companies. If DoubleClick serves Malware, it is their responsibility and they need to be sued into oblivion.

Take the profit out of serving ANYTHING to everyone, and start making it cost money, and you'll see the changes you want.