Ask Slashdot: Are AdBlock's Days Numbered?

An anonymous reader writes "This article discusses the ethics and the mechanics of ad-blocking software. Toward the end, it goes into some of the tech that's been built to circumvent ad blockers. Quoting: 'PageFair offers a free JavaScript program that, when inserted into a Web page, monitors ad blocking activity. CEO Sean Blanchfield says he developed the monitoring tool after he noticed a problem on his own multiplayer gaming site. PageFair collects statistics on ad blocking activity, identifies which users are blocking ads and can display an appeal to users to add the publisher's website to their ad-blocking tool's personal whitelist. But Blanchfield acknowledges that the user appeal approach hasn't been very effective. ClarityRay takes a more active role. Like PageFair, it provides a tool that lets publishers monitor blocking activity to show them that they have a problem — and then sells them a remedy. ClarityRay offers a service that CEO Ido Yablonka says fools ad blockers into allowing ads through. "Ad blockers try to make a distinction between content elements and advertorial elements. We make that distinction impossible," he says.' Is this arms race winnable? By which side?"

Adblock is also a safety measure.

[DittoBox]

AdBlock is something I've started installing for friends and family more as a way to block malware, than as a way to block ads outright. Poisoned ads (malvertising) account for a lot of malware installs. Just Google for iTunes or Firefox and the top ad results are malware infected installers.

Besides the incredible annoyance of ads in the slow downs they cause, they're also a dangerous pathway to malware and viruses. Common methods like embedding an iframe into a page that loads a script that targets a browser exploit to install something nasty (drive-by downloads), oneclick exploits, baiting users to download things, etc.

Ad networks—at least the slimy ones—don't care because they're getting paid.

Re:NoScript

[hairyfeet]

What I want to know is this....are the website operators going to take responsibility and pay for the damages the malware carried in their precious ads cause? No? Then please DIAF you greedy little self centered shits, your "business model" is a blight upon the planet and needs to die!

Do you guys have ANY idea what happens when you take the average Windows PC and block 100% of the ads? Or block them on an *Android phone or tablet? Honestly you might as well not even have AV as its never gonna get anything to attack, infections drop right of the map. Leave their precious POS business model intact? Say hello to a PC that has more nasties than a Bangkok Whore on Sunday morning after shore leave as infected ads are the #1 source for zero days, drive bys, and social engineering and these greedy little piggies want the profits but they want to take ZERO responsibility for the messes their profits make.

So sincerely, from the bottom of my heart...go fuck yourselves website owners. Do you guys have any idea how fucking TRIVIAL it is to make ads that waltz right pass the ad blockers? 1.- Make ads first party (so they have to actually wake the fuck up and see what they are shoveling), 2.- Make them text or basic images like JPG or GIF (but then they couldn't hijack your speakers and blow your ears off, what fun is that?) and NO FLASH ADS because flash zero days are one of the biggest attack vectors out there (but then they couldn't get "teh big bux" for having the most annoying Goatse of ads spewed on their pages)

So do what old Hairy does, when a site "appeals to turn off your blocker" I head straight to their forums and ask them right out "Are you gonna take financial responsibility when one of your ads infects one of my customers?" and then point out how trivial it is to bypass the blockers with non-threatening content. You'd be surprised how many people don't know that those pieces of malware they "just keep getting somehow" are coming from assholes like in TFA and spreading the word is required to bring this to a head. They are making profits from a risky business, they should have to assume the downsides as well as the profits and clean up their own messes.

*.-The Googleits can piss and moan like the Cult of Jobs how "But but but...those don't count!" but from my seat at the shop the #1 source of Android malware? Social engineering, tricking the user into installing that .APK from an unknown source and taking control of the system...where are they seeing the social engineering instructions that take them to the website and show them how to bypass the appstore? The same place Windows users are getting social engineering, through ads.

Re:Own your own adds

[istartedi]

This. We may find that the current online advertising model is like the Soviet revolution. If the hosting site and the ad scripts start working in concert, it might be like a crackdown by hardliners. Unlike a totalitarian regime, migration from your site is usually not that difficult. You'll lose the users. Maybe then commercial sites will realize that they have to go back to something more like the old print media model. You couldn't just blindly turn over newspaper pages to 3rd parties. Advertisers had to trust things like circulation figures and demographics. It was a far less sophisticated analytic. Publishers will have to be trustworthy enough for advertisers to trust *publisher* analytics. If the New York Times really wanted to be innovative, they are the kind of company that could do this. That, along with getting rid of user registration would really shake up the industry. I think it'd be a clear winner as long as the publisher didn't do the same kind of scripted nasties that ad networks currently do.

Wouldn't you love to be able to browse a high quality site, knowing that the ads aren't going to ass-rape your system? Aside from that, wouldn't it be nice to look at page archives 30 years from now and see period ads. You can look at magazines from 100 years ago and get insights into the culture, and develop an appreciation for the history of strong brands like Coca Cola, or oddities like patent medicines with radium in them. Future historians will look at the last 20 years as if the tape of our commercial activities had been erased.

Flashblock is my middle ground

[tepples]

Make them text or basic images like JPG or GIF (but then they couldn't hijack your speakers and blow your ears off, what fun is that?) and NO FLASH ADS because flash zero days are one of the biggest attack vectors out there

I agree, as does the featured article: "In addition, users who dislike the distraction of Flash-based advertising can install browser add-ons that just block Flash content, such as Flashblock for Firefox and Chrome." Flashblock for Firefox is the middle ground that I've been choosing for years. And before that became available, I had a practice of hosts-blocking any ad server that served SWF on a site. Slashdot was surprisingly one of the first sites I saw that showed an SWF ad for Splunk log analysis software, and whatever server was serving it was the first to get 0.0.0.0'd in my hosts file.

(but then they couldn't get "teh big bux" for having the most annoying Goatse of ads spewed on their pages)

Yeah, the article quotes the VP of some web advertising consulting firm who whines that static ads have an unviably low CPM. Boo hoo.

Re:NoScript

[Mister+Transistor]

I absolutely hate that shit, you go to a site and it renders, then goes dark because some fucking scrip takes over and tries to force some card on me or some shit. Fuck them. Big time. I see that shit, I'm outta there. Period.