I haven't tried, but my guess is no. Ads displayed alongside Google results can be for porn, but if I go to a porn site with Opera I get Opera's default ad (thanks to alternate_ad_url), and if I go to a porn site with Firefox+adbar I get an ad asking me to donate to a charity. I think Google doesn't want to accidentally show porn ads for sites that aren't actually porn sites.
Unless I'm horrendously mistaken, XPI files are in plain text, and are script files.
XPIs are zip files that can contain JavaScript, XUL, CSS, and even compiled DLLs. Adbar only uses JavaScript, XUL, and CSS, so its "source" is visible to anyone who unzips it. That doesn't make it open-source, though. Its license relaxing copyright makes it open-source.
So, really, what's stopping someone from creating one of these that sits in the background (no adbar) and generates clicks automagically?
My initial plan was to use the MPL. mozilla.org provides a combined MPL/GPL/LGPL boilerplate block, so it's just as easy to tri-license the code as it is to MPL it.
If you upgrade from Firefox 0.9.x to a branch nightly build (or wait for Firefox 1.0 Preview Release), middle-clicking and control-clicking the ads will do the right thing.
Perhaps they do this because it will help them make more money in the long run rather than because they prefer not being evil, but does it really matter why they do it?
Never mind. Now I see that you were responding to "I think people should support advertizing projects that take the high moral road."
You pay to go see a movie, not to go see a 15 to 30 minutes of ads. It doesn't offset the cost of the movie.
I agree. I paid for the movie. Assuming the ads make the theater $1/ticket, I feel like I'm being paid $1 for watching 15 minutes of ads.
I'm ok with movie trailers, though. I don't know how to reconcile that with being against other ads before movies.
Ad's make sense in TV in sports arenas, newspapers, slashdot, google. They simply don't make sense on my desktop, that I pay for, that I pay bandwidth for, that I foot the bill for.
Developing software costs money too. You can choose not to use Opera or Adbar because you'd rather not see ads, but it does make sense for the free version of Opera to include ads if it makes them money.
Unlike you, no one is thinking about morals and high roads in the ad industry.
Google puts a lot of effort into making its ads unobtrusive and useful. Perhaps they do this because it will help them make more money in the long run rather than because they prefer not being evil, but does it really matter why they do it?
There are two ways advertisers can "violate your privacy".
* They can send you unwanted advertisements (spam e-mail, junk faxes, telemarketing, adware). With spam and ads from adware, it is often difficult to tell where the ad came from and how to stop receiving ads from that source.
* They can select which ads to show you based on information you consider private, such as demographic information or the contents of e-mails you receive.
I don't mind the second, as long as I don't see ads for porn while someone is looking over my shoulder. Google was wise to make Gmail select ads based only on the current message.
You should try cookie whitelisting instead of the "ask me every time" setting. Here's how to use it in a branch nightly build of Firefox:
1. Select "keep cookies until I close Firefox" instead of "ask me every time". (You almost never want to reject cookies from a site completely, because that breaks many sites.)
2. Whenever you want to stay logged into a site (Slashdot) or save site preferences (Google), go to your Exceptions window and set that site to "Allow".
Then you won't have to deal with cookie dialogs every time you go to a new site.
The whitelisting feature exists in Firefox 0.9.x, but the terminology is slightly different.
Ahh. I'm used to "zone" being broader than "same-origin context". For example, slashdot.org and squarefree.com are both "internet zone" but can't read data from each other.
While local files loaded in Firefox are more powerful than they should be, local files loaded in IE are much more powerful than they should be, like you said.
Except this would allow text files (on your hard drive) to be parsed as html files (and get the javascript associated with them). However, it's not earthshattering as it would be in IE because if it were IE, it would get extra "local zone" permissions. The only addition of permissions in moz is being able to link to other file: locations.
Not true. A local HTML file loaded in Mozilla can read all the.txt,.html, and.xml files on your drives. See my page, Security tips for users.
No, it was ignored largely because the only real solution (make part of the browser UI unspoofable by making it always-visible) would break some web apps.
The bug (217527) is not fixed in Firefox branch nightlies either, but it's "plussed" for Firefox 1.0 PR, so you can expect it to be fixed. See bug 217527 and bug 246382 (a regression caused by the fix for bug 217527) for details.
Slashdot Mirror
I haven't tried, but my guess is no. Ads displayed alongside Google results can be for porn, but if I go to a porn site with Opera I get Opera's default ad (thanks to alternate_ad_url), and if I go to a porn site with Firefox+adbar I get an ad asking me to donate to a charity. I think Google doesn't want to accidentally show porn ads for sites that aren't actually porn sites.
Unless I'm horrendously mistaken, XPI files are in plain text, and are script files.
XPIs are zip files that can contain JavaScript, XUL, CSS, and even compiled DLLs. Adbar only uses JavaScript, XUL, and CSS, so its "source" is visible to anyone who unzips it. That doesn't make it open-source, though. Its license relaxing copyright makes it open-source.
So, really, what's stopping someone from creating one of these that sits in the background (no adbar) and generates clicks automagically?
The AdSense terms of service.
Yes, it's horrible that I had 12 hours to waste yesterday.
Yep, that's about right.
I'm the author of the adbar extension. I was also one of the first to propose blocking pop-ups, although the method I proposed wasn't very good.
They're "test ads" in that they don't generate revenue, but they're still loaded from pageads2.googlesyndication.com.
Correct, the reason it runs in test mode is that I haven't asked the Adsense folks at Google for permission yet.
Or it could show you ads for get-rich-quick schemes.
My initial plan was to use the MPL. mozilla.org provides a combined MPL/GPL/LGPL boilerplate block, so it's just as easy to tri-license the code as it is to MPL it.
If you upgrade from Firefox 0.9.x to a branch nightly build (or wait for Firefox 1.0 Preview Release), middle-clicking and control-clicking the ads will do the right thing.
Replying to myself...
Perhaps they do this because it will help them make more money in the long run rather than because they prefer not being evil, but does it really matter why they do it?
Never mind. Now I see that you were responding to "I think people should support advertizing projects that take the high moral road."
You pay to go see a movie, not to go see a 15 to 30 minutes of ads. It doesn't offset the cost of the movie.
I agree. I paid for the movie. Assuming the ads make the theater $1/ticket, I feel like I'm being paid $1 for watching 15 minutes of ads.
I'm ok with movie trailers, though. I don't know how to reconcile that with being against other ads before movies.
Ad's make sense in TV in sports arenas, newspapers, slashdot, google. They simply don't make sense on my desktop, that I pay for, that I pay bandwidth for, that I foot the bill for.
Developing software costs money too. You can choose not to use Opera or Adbar because you'd rather not see ads, but it does make sense for the free version of Opera to include ads if it makes them money.
Unlike you, no one is thinking about morals and high roads in the ad industry.
Google puts a lot of effort into making its ads unobtrusive and useful. Perhaps they do this because it will help them make more money in the long run rather than because they prefer not being evil, but does it really matter why they do it?
What eyecandy graphics? Are you referring to the way ads included with the extension are white, and Google ads it shows are blue, green, or red?
There are two ways advertisers can "violate your privacy".
* They can send you unwanted advertisements (spam e-mail, junk faxes, telemarketing, adware). With spam and ads from adware, it is often difficult to tell where the ad came from and how to stop receiving ads from that source.
* They can select which ads to show you based on information you consider private, such as demographic information or the contents of e-mails you receive.
I don't mind the second, as long as I don't see ads for porn while someone is looking over my shoulder. Google was wise to make Gmail select ads based only on the current message.
You should try cookie whitelisting instead of the "ask me every time" setting. Here's how to use it in a branch nightly build of Firefox:
1. Select "keep cookies until I close Firefox" instead of "ask me every time". (You almost never want to reject cookies from a site completely, because that breaks many sites.)
2. Whenever you want to stay logged into a site (Slashdot) or save site preferences (Google), go to your Exceptions window and set that site to "Allow".
Then you won't have to deal with cookie dialogs every time you go to a new site.
The whitelisting feature exists in Firefox 0.9.x, but the terminology is slightly different.
They're bundling GPL software (Shareaza) with spyware. Does that mean the spyware is GPL too?
P2P apps let you include the MD5 hash in the link or .torrent, so there's no need for users to check the MD5 after downloading.
The article notes that the design was dictated by the Transportation Security Administration.
The only possible explanation: the Statue of Liberty is actually a spaceship in disguise.
Static, I think. Upgrade to Mozilla 1.7.2 or Firefox 0.9.3 (both released yesterday) to pick up the libpng fixes.
Ahh. I'm used to "zone" being broader than "same-origin context". For example, slashdot.org and squarefree.com are both "internet zone" but can't read data from each other.
While local files loaded in Firefox are more powerful than they should be, local files loaded in IE are much more powerful than they should be, like you said.
Except this would allow text files (on your hard drive) to be parsed as html files (and get the javascript associated with them). However, it's not earthshattering as it would be in IE because if it were IE, it would get extra "local zone" permissions. The only addition of permissions in moz is being able to link to other file: locations.
.txt, .html, and .xml files on your drives. See my page, Security tips for users.
Not true. A local HTML file loaded in Mozilla can read all the
Where are you going to get security patches to Mozilla 1.6? Mozilla 1.4 and Mozilla 1.7 are long-lived branches; Mozilla 1.6 isn't.
No, it was ignored largely because the only real solution (make part of the browser UI unspoofable by making it always-visible) would break some web apps.
I don't understand your sig, which is probably a sign that I need to watch Haibane again.
The bug (217527) is not fixed in Firefox branch nightlies either, but it's "plussed" for Firefox 1.0 PR, so you can expect it to be fixed. See bug 217527 and bug 246382 (a regression caused by the fix for bug 217527) for details.