Ask Slashdot: Are AdBlock's Days Numbered? 731
An anonymous reader writes "This article discusses the ethics and the mechanics of ad-blocking software. Toward the end, it goes into some of the tech that's been built to circumvent ad blockers. Quoting: 'PageFair offers a free JavaScript program that, when inserted into a Web page, monitors ad blocking activity. CEO Sean Blanchfield says he developed the monitoring tool after he noticed a problem on his own multiplayer gaming site. PageFair collects statistics on ad blocking activity, identifies which users are blocking ads and can display an appeal to users to add the publisher's website to their ad-blocking tool's personal whitelist. But Blanchfield acknowledges that the user appeal approach hasn't been very effective. ClarityRay takes a more active role. Like PageFair, it provides a tool that lets publishers monitor blocking activity to show them that they have a problem — and then sells them a remedy. ClarityRay offers a service that CEO Ido Yablonka says fools ad blockers into allowing ads through. "Ad blockers try to make a distinction between content elements and advertorial elements. We make that distinction impossible," he says.' Is this arms race winnable? By which side?"
NoScript (Score:5, Insightful)
Beat that, suckers.
Re:NoScript (Score:5, Insightful)
...and suddenly the pages stop working altogether. It is trivial to make a page that is empty and use JavaScript to load the contents of the page. If these guys resort to AdBlock-detectors, why do you think they would allow NoScript to circumvent that?
Stop infecting me.. (Score:5, Insightful)
Stop trying to infect me with malware and perhaps I'll stop blocking you from my browser.
Re:NoScript (Score:5, Insightful)
Own your own adds (Score:5, Insightful)
If you want an add to appear on your page take ownership of it. Host it as an image file on your own website that you control and you are responsible for.
Anything else, we intend to find ways to block it, because we have learned the hard way that you cannot trust advertisers to not infect your system with malware (not always intentionally, but lets face it, that's a big source of failure).
Re:NoScript (Score:5, Insightful)
Then it's a bad site not worth your time.
zero tolerance and who owns my computer (Score:5, Insightful)
I own my computer. I've been convincing every of my friends and family members to adopt a zero tolerance policy toward internet advertizing, partly as it's a huge security risk as seen in all recent stories about malware delivered with ads, and partly to opt out of "big data" collector activities.
Advertizers don't get it. My computer runs what I want it to, not what THEY want it to. They may make polite requests to display things, or to run things, which I can either say yes or no to.
The internet existed for decades before advertizers discovered it, and it'll be just fine - better even! - after they depart. Maybe we'll go back to its roots of crowdsourced content, rather than "big corporate content".
When I can no longer block ads (Score:3, Insightful)
I will no longer surf the internet. The same way I no longer watch TV.
I am bored with it now anyway.
It might just have been a very long fad with me.
Annoying (Score:5, Insightful)
Re:NoScript (Score:5, Insightful)
JavaScript performance on mobile is terrible - like 10x slower than desktop. If you make your website dependent on javascript, prepare to lose a lot of mobile customers who won't have the patience to wait it out.
Dangerous (Score:4, Insightful)
Sorry but when an errant ad can serve malware (see Yahoo) it's just not worth taking a chance.
Web site operators have the attitude that their revenue stream is more important than the integrity of their visitors computer.
AdBlock + NoScript is antivirus for the web.
Simple solution (Score:5, Insightful)
Host your own ads - make them unobtrusive - people will still see them AND the content.
Being lazy and outsourcing it to others... you get what you deserve.
If the ads win, I drop the site (Score:5, Insightful)
The people that are using ad-blockers are stating "I am annoyed by adds". These people seem to think it is a good idea to show the people that have flagged themselves as getting annoyed by ads more ads. That seems really really dumb.
These people should be careful what they wish for. There are many, many sites out there for people to browse on. Annoy a "customer" to much and it is very easy for them to go elsewhere.
Re:That's cute (Score:4, Insightful)
Wouldn't it be trivial to use the ad blocker to block the ad block detection script?
AdBlock vs Not Visiting the Site (Score:5, Insightful)
AdBlock and similar tools might be defeated, but nothing can defeat me not visiting the site again if the ads are too annoying. I'll put up with some tasteful ads, but too many annoyances and I just will block the site entirely.
rethink the ads you're serving (Score:5, Insightful)
If I see banner ads or anything else obnoxious, and I can't keep them blocked and still use the site, I'll find what I want elsewhere.
I'm ok with the text-based ads Google is known for, and I'll even click on them when they're relevant to what I'm looking for... because they're not obnoxious! They aim to be helpful!
Re:NoScript (Score:5, Insightful)
If a human can view the content and work out where the ads are, so (ultimately) can a computer - the obvious fix for now is that Greasemonkey can be used to sort those out.
I'd also add though, this may well be heavily counter-productive for many sites. There is very little truly unique content out there in reality - and as a consequence it is worth far less to the marginal user than the site owners often think it is. Some of the sites which lose viewers because of this may simply say "good riddance" as those users are a net drain on resources - but that's a dangerous path to take as those people are, I would imagine, more likely to be either influential opinion-formers (who drive much more traffic to the site who won't block ads), or providing user-generated content which has value in itself.
Re:NoScript (Score:5, Insightful)
Fine with me.
I'll just use a different website.
Here's a radical idea... (Score:5, Insightful)
If people are blocking your ads, it's probably because they're not interested in seeing the god damn ads. Sneaking past the ad blocker won't result in me going "gee, you got me, I'll be good and click on your ad now." More likely it will piss me off to the point where I stop visiting your site.
Stupid marketers and their "arms race" mentality was what resulted in people developing and using adblock and noscript in the first place. "What do you mean people still aren't clicking on our ads? It's got a dancing monkey with a flashing background and it occupies half the browser window! Fine, we'll make it play music too, and pop up fifty windows... maybe THEN they'll realize the error of their ways and click on it."
Re:Is it really that hard to ignore the ads? (Score:3, Insightful)
Flash ads that play sound really loudly and/or move across the screen don't annoy you? How about the current trend of pop over javascript windows that wait 10 seconds or so for you to start reading, and then fade the page as they pop up, forcing you to click them closed? Those are fucking aggravating, and a lot of sites do that now. The passive 'just don't visit that site' tactic doesn't actually solve the problem. There has to be a way to push back. ad blockers allow this.
Unsolicited audio (Score:5, Insightful)
And no goddamn auto-playing sounds either.
Re:If the ads win, I drop the site (Score:3, Insightful)
Why do you consider yourself a "customer" if you are not paying to be on the site through viewing ads? Isn't that more of a parasite than a customer?
What other way would you prefer to help fund the site's content?
On no longer using Ad Block (Score:5, Insightful)
I'll consider abandoning Ad Block when a decade after ads are no longer the leading cause of malware. Until then I consider it a security requirement along with noscript.
Re:NoScript (Score:5, Insightful)
Re:NoScript (Score:5, Insightful)
Bah, they'll just wrap the content in JavaScript. Wanna use NoScript? Fine, then you don't get to access the content.
Works for me.
No, really, it does - for the websites that I absolutely have to access no matter what, I've already whitelisted them. For everything else, I couldn't care less.
So far, those sites which spew the most adverts (minus the blockers) are the ones I really don't give a damn about.
If I connect, no problem, and I will determine how much of my attention that I give to their ads by whitelisting (if the site is IMHO worthy enough to go back to more than a couple of times, I whitelist them and help them out a bit, unless the ads are uber-intrusive.)
If I don't connect, no problem, I'll go somewhere else and likely not even bother revisiting except by accident.
Re:I don't know what all the fuss is about (Score:2, Insightful)
You are a tool, and I say that as someone who worked for DoubleClick for 4 years...
Re:Stop infecting me.. (Score:5, Insightful)
This is my biggest my biggest issue with most of the ads on the internet. When it comes to sites that are proactive and actually have an approval process for ads and wrap them up in their own delivery system to avoid spreading malware to their customers, I let the ads through. Sites that take a reactive stance towards possible malware (or no action at all) and basically just spew whatever crap the third party advertiser gave them unfiltered get blocked.
The way I see it is if you don't care whether or not you're spreading malware you don't deserve ad revenue. Hell, you don't deserve any business from me at all.
It doesn't matter and won't affect me (Score:4, Insightful)
It may not be obvious to the /. crowd, but nobody uses ad blockers. Of the people I know, I am the only one who does.
If a website goes to the trouble of preventing ad blockers for such a tiny demographic, chances are high that I'm not interested in their "content" anyway (if there is any).
Re:NoScript (Score:5, Insightful)
Then YOU get to ask YOURSELF whether YOU want to take the risk of running THEIR scripts on YOUR system in order to read/watch THEIR content.
Individual preferences will, of course, vary. But I've found that the sites that run scripts usually don't have much content worth my time.
As for ads ... if they weren't so abused in the first place (pop-ups, pop-unders, flashing, auto-run-sound, slowing-down-the-entire-page, redirect-on-close, etc) then there wouldn't be such a large movement to block them.
Ads today are not as much about selling a product as tracking where you go and what you click on. The products advertised bear no relationship to the site I've visited.
What's missing from the discussion (Score:5, Insightful)
I'd warrant (but don't have the statistics to back me up) that the typical ad-block user would be less prone to click on ads if forced to see them than a typical surfer. I don't see why these crybaby advertisers are so desperate to reach a market that would have low click-through rates. The advertisers win by not needing the extra bandwidth necessary to serve up ads to people that wouldn't click on them anyways.
The wrong question is being asked.... (Score:5, Insightful)
Stop messing with MY system, and I'll stop messing with your ad's.
Re:NoScript (Score:2, Insightful)
Lynx 4TW!!
Re:NoScript (Score:5, Insightful)
Why do so many mobile sites popup a dialog which is mostly off the right of the screen, and where, when you zoom in to try and find where they've hidden the non-standard, non-intuitive 'close' icon, it moves further offscreen? How am I supposed to remove the popup (which is covering a lot of the content, and making the screen dark to 'highlight' its importance)? 2014 - it's hard to deal with small screens? How? How is it hard? How did you get a job writing websites when they're so fucking sucky?
Re:NoScript (Score:5, Insightful)
but the reality is that these sites have to pay the bills somehow.
And yet, here we are almost 20 years into the web and stuff is still largely free.
Personally, I think ad blockers must not be much of a problem or sites would be serving up the ads from their own domain. Right now they are trivial to block - most ads can be killed with a simple hosts file.
Re:NoScript (Score:5, Insightful)
You're the one living in some sort of out of touch fantasy.
I care about security and safety. Also as a side effect, I get often get better performance. I don't care about "sticking it to the man". I am just trying to prevent the man from infecting me when he tries to "stick it in me".
The crap on some pages is just beyond belief. A pile of crud turning a 2014 broadband connection into a 1994 dialup connection.
Re:NoScript (Score:5, Insightful)
Some of the sites which lose viewers because of this may simply say "good riddance" as those users are a net drain on resources -
I'm quite sure that's how they'll see it.
but that's a dangerous path to take as those people are, I would imagine, more likely to be either influential opinion-formers
A lot of geeks like to think they're influential opinion-formers. Most of them are far less influential than they imagine, and the guys running web sites know this for a fact because they have actual statistics from exactly the kinds ad-blocker-aware tools we're discussing here.
Re:NoScript (Score:5, Insightful)
"Amen! Preach on ma' brotha'!"
Seriously, though. That is exactly why I installed an ad-blocker. I specifically allow sites I visit in order to live up to that philosophy, but I have yet to see a single site since 1999 that hosts 100% of its own advertising. I actually enjoy seeing in house ads for exactly this reason, even if the site reviews the product it is advertising, because it shows that they give a care about their users/readers.
Re:NoScript (Score:5, Insightful)
Not to mention the viruses and malware that have been served up by some advertising networks, which has appeared on major sites. I noticed that TFA didn't mention that adblockers can protect users from malware.
Re:NoScript (Score:3, Insightful)
Then YOU get to ask YOURSELF whether YOU want to take the risk of running THEIR scripts on YOUR system in order to read/watch THEIR content.
Of course Javascript is limited to accessing THEIR content. Anything else on YOUR system is out of reach of Javascript.
But I've found that the sites that run scripts usually don't have much content worth my time.
Then you aren't using much in the way of Web 2.0 sites. Most of the interactive web-sites since Google Maps are unavailable to you. Hope you like the 1990s.
I'm all for blocking ads. But disabling Javascript altogether is throwing out the baby with the bath water.
Re:NoScript (Score:5, Insightful)
Too bad that's too big to print on a tee shirt. Good rant.
There are sites I would happily support by whitelisting them in adblock, but I've seen their ad companies send infectious shit and other problematic ads down the pipe. And when it happens they block it and apologize, but that doesn't prevent anything from happening first.
Re:Flashblock is my middle ground (Score:5, Insightful)
They ALL have low CPM. And the more obnoxious and intrusive the ad, the more you're pushing people to ad blockers. (or simply abandoning your site) With the ever increasing greed from ISPs in the form of bandwidth limits and heavy overage fees, **I** don't want to be paying the per-byte costs of completely USELESS content. Go use the internet over dialup for just an hour and tell me how much you like all the bull**** ads, or the overabundance of enormous javascript libraries.
Re:NoScript (Score:5, Insightful)
A web page that is blank with JavaScript turned off is equally devoid of content with it turned on, even if you can technically see words and pictures.
If you want me to look at (and ignore) your ads, make them less offensive, and do some testing to ensure they don't make the page literally unreadable.
Re:NoScript (Score:2, Insightful)
Then it's a bad site not worth your time.
Then why are you on Slashdot? It is not worth your time right? You said it yourself. Infact, name one website and I MEAN 1 website that has no javascript? Name one please?
Yeah lets get rid of text too while we are it! Lets make the web complete unpractical and useless for what people use it for? After all I am sure people would agree to give up gmail, facebook, google maps, and would love to have a boring set of text files that do not do anything all on your principal.
Seriously this is the age of Web 3.0 and going back to web 1.0 means you are not part of the web but more of a text viewer. ... I can picture the replies right now saying YES THAT WHAT THE WEB WAS MEANT TO BE a Hypertext text viewer only! Keep bloat out yada yada.
But in 2014 we have email, Slashdot, and sites that process logic and require dynamic page generation and logic which javascript is used. It is not a simple hypertext viewer and you are clueless to say anything else otherwise as appear a luddite.
Re:NoScript (Score:5, Insightful)
Then YOU get to ask YOURSELF whether YOU want to take the risk of running THEIR scripts on YOUR system in order to read/watch THEIR content.
Of course Javascript is limited to accessing THEIR content. Anything else on YOUR system is out of reach of Javascript.
But I've found that the sites that run scripts usually don't have much content worth my time.
Then you aren't using much in the way of Web 2.0 sites. Most of the interactive web-sites since Google Maps are unavailable to you. Hope you like the 1990s.
I'm all for blocking ads. But disabling Javascript altogether is throwing out the baby with the bath water.
The point of NoScript is not do disable Javascript alltogether. The standard browser settings include a checkbox to disable Javascript entirely for all sites. That isn't what the add-on NoScript is for. NoScript is there to selectively disable the scripts that you decide are unnecessary.
I wish people who actively choose to comment on a thing would take a moment to acquire the most basic familiarity with that thing. It would lead to far fewer redundant posts and far fewer posters who are convinced they've pointed out the "obvious flaw" that no one else was smart enough to ever think of...
Re:NoScript (Score:4, Insightful)
But in 2014 we have email, Slashdot, and sites that process logic and require dynamic page generation and logic which javascript is used. It is not a simple hypertext viewer and you are clueless to say anything else otherwise as appear a luddite.
/. works just fine for me with javascript disabled.
That's what Classic Mode is for. I even prefer it.
If disliking highly dynamic websites makes me a luddite, then I will proudly bear that distinction.
P.S. E-Mail doesn't need javascript. It never did and it never will.
Re:Flashblock is my middle ground (Score:3, Insightful)
I sometimes turn off adblocking and find that I turn it back on within a few minutes. The primary reason is that the latency gets ridiculous and the ads themselves aren't particularly kind to my resources either.
I don't personally mind ads, but the fact that they're also resource hogs, security risks and sometimes engage in fraudulent activities doesn't really instill any interest in my allowing them on my machine.
Re:Flashblock is my middle ground (Score:5, Insightful)
I don't have a problem with javascript, as I do make stuff with it. Done right, you don't have as much impact on the bandwidth as you think. If you have megs of javascript libraries being referenced from external CDN's, you're doing it wrong.
It's going to go down that road anyways till the end. Web browsers have ceased being about document markup and rendering, which is how it started, to running external code in complicated sand boxes. You can't put that genie back in the bottle.
The issue is being able to trust that javascript, which is really about trusting the sandboxes to not allow malicious code to be run. Tracking is a problem of course, but that is mitigated by blocking software that stops those specific scripts and domains from working. Once a Big Data company like that gets big enough, they'll just get shut down by the blockers, which is a very good thing. It protects our privacy as well as our computers.
If you don't want javascript and external code libraries you're only other option is to have a single universal API developed that ALL browsers adhere strictly to. Blocking tracking software is simple as a permissions setting at that point to not listen to any tracking tags or events set up in the page. AJAX type events would need to be classified accordingly and secured. An event going toward a different domain than the page? Blocked by permissions. Image not from the domain? Don't even download it based on permissions. CDN's should be registered in the browser as an alternative for any file that needs to be downloaded for a "page".
Above all, that API should have plentiful RBL's that outright disable all external calls. We want accountability? How about within an hour of malware being downloaded those RBL's are proactive like some email services and browsers start blocking that particular site or CDN automatically? That would make propagation of malware a real bitch in production. Not to mention if you are a big outfit and that happens people will start getting fired till it's fixed. I've been in a major company that got their email shut down by Cisco IronPort (Over half the vendors they dealt with were rejecting mail). Some yahoo in the data center thought it would be cool to run his own little server which got hacked and delivered out 9 tons of spam that shut down corporate email for 4 days till IronPort finally cleared it up.
Can you even imagine what would happen if one of those RBL systems blocked Yahoo by default a week or two ago? Shit storm indeed, but a needed one.
We don't have any of that.
What we *do* have is a clusterfuck of technology that developed from an interesting idea to effectively share a word processing screen at universities that is fundamentally toxic to us. We spend billions cleaning it, defending it, and developing it, etc.
It just needs to be scrapped and start over.
So no, blocking javascript is not the answer either. Unless you want to be left behind with non-working pages because people like me are getting really tired of needing to expend those resources for graceful failure. We don't have the time or the money to do that anymore (not in this economy) and javascript and JQuery (along with the other JS frameworks) are here to stay. So many of the "shiny" features out there only work in an event based framework where I can modify the DOM without reloading the entire page.
The whole mess is just terrible and we keep refactoring code to old email and document markup systems without addressing the underlying issues at all.
Re:NoScript (Score:5, Insightful)
Re:Flashblock is my middle ground (Score:5, Insightful)
The root issue is people are stupid and lazy. If your 250k of JS actually does things, that's one thing. When you include (an uncompressed) version of JQuery to use one tiny function (that you don't JQuery to actually do), or worse don't use any part of it, you're wasting everyone's time and bandwidth.
Every time I research how to do something in a browser, every. single. fucking. time. The top 90 out of 100 answers is to load some enormous bloated framework widget toolkit and kitchen sink replicator. for what has, in every case so far, boiled down to 1-2k of formatted, human readable JS. Apparently, I'm the only motherf***er in the universe that cares if his web page is 3k vs 300k, in 1 file vs. dozens.
Re:Flashblock is my middle ground (Score:5, Insightful)
no. the toxicity comes from the advertising and the insistence on javascript (and flash and java etc applets).
just displaying documents is harmless. it's the fact that web-dev fuckers (and worse, "designers") want to run arbitrary code on millions of computers belonging to other people that is the source of the harm.
you're making the mistake of assuming those "shiny" features are essential. they're not. in fact, more often than not, they're a PITA and end up being a reason not to return to the site.
if a web site or even just a web page doesn't work without javascript, then it is broken. js can be useful to *optionally* enhance a page, but the page should work (i.e. display the important information and navigation controls) without javascript.
BTW:
so CDNs become a back door for malware because they're all whitelisted/trusted. what's the point of managing permissions for a site if that site can just bypass restrictions by uploading their scripts and malware to a popular CDN?
doing that would also allow CDNs to spy on users as they browse from site to site, linking accounts and IDs and activities - same as ad networks now (which is yet another reason to run adblock).
if ads were just static graphics without any animation and without spyware/tracking and without javascript then most people wouldn't give a shit about ads and wouldn't bother blocking them (it was animated GIFs that motivated me to write my first ad blocker in the mid 90s...the text and static GIFs that were common before then didn't annoy me enough to be worth the bother of eliminating)
Re:NoScript (Score:5, Insightful)
you're making things too hard for yourself.
the correct way to render a page is however the user wants it rendered at that moment in time. this may vary based on the device they're using, the time of day, how tired their eyes are, arbitrary whim, and thousands of other factors - almost none of which can be anticipated or predicted by you.
amongst other things, that means web sites should emit just plain xhtml with simple css and don't do any fucking with the DOM with javascript. if the client's renderer is broken, then it's their problem, not yours. don't try to fix it or work around it with js or stupid hacks - it's just fucking broken and will never get fixed as long as people like you keep making work-arounds.
and nobody ever wants a mobile app. no user does, anyway. it's arsehole companies and marketing vermin who want users to be running their own special purpose spyware app rather than just visit a web site.
Re:Flashblock is my middle ground (Score:5, Insightful)
There is an argument that a small site with low visitor counts can get away with a 1 meg download that is cached afterwards anyways. That being said, I think anyone that claims they are anything greater than a novice must use scaleable web design practices. Meaning, that you have to justify every single 1k of data being returned by the web server.
The problem you reference are what I call the web hobbyists. Web developers are plagued with the hobbyists to the extent that people by default think they are fucking morons.
I'm being nice, but there are so many people out there selling their development services that don't even understand PHP or JS and can only follow instructions on some page to get a Wordpress plugin to work. These are the people operating at such a high level of abstraction that they have no idea how a web browser actually works at all. I'm no expert and even I understand headers and the general theory behind rendering and running client side code.
Trial and error by shoving JS on a page and hoping for the best is quite normal unfortunately.
I actually had somebody give me a page back that they had worked on, (which looked very good), and required some JS to dynamically do something (don't remember). They literally copied and pasted the JS from some blog page and gave it to me as a finished product. Never bothered changing the ID, let alone creating a class, and let the code run trying to attach events to non-existing page elements. The library was not even included.
That person probably represents the norm for the armchair web hobbyist that would be unemployed if it was not for Wordpress.
The answer is easy (Score:3, Insightful)
1. Stop making ads so annoying, loud, dangerous to computers.
2. People won't use adblocking software.
I am morally opposed to using adblock software, but I use it anyways. Mainly because while watching TV shows online, they play the same commercial about 25 times during the course of an episode, and at approximately 15x the volume of the show, even managing to circumvent my system volume, AND they come last with shit spyware/adware/viruses that I don't have time to deal with.
If advertisers and the content companies would fix the problems with online advertising, I would gladly accept it, but I'm not watching 2 hours of ads for a half hour show at 10x the volume while my super-computer grinds to a half from the bullshit packaged with them. I want you to make money, I want to be a part of that, I want content on the internet to be profitable. But I sure as hell won't deal with the horrible ad policies and strategies thrust at us presently. I like to know what products are out there, especially as they relate to my interests. I want to be informed about new products and services I haven't heard of or didn't know existed.
Nonetheless, these dumbasses will just escalate this arms race because obnoxious, repetitive, evil, disgusting ads are apparently all that matters. They are so annoying that when I have to watch them, I make a point to avoid the products, because it pisses me off so much. They are so obsessed with finding a way to get more gold out of the goose that lays the golden eggs they are close to slitting its throat and losing it all. If your content is ruined by poor, shitty ads, the fact simply that people will start ignoring your content. Rely on less invasive and safer ad services or find other ways to monetize.
That isn't even getting into the new idea of these ISP usage limits, if you stream tv shows and 1/3rd of the time is ads, you are killing 1/3rd of your data cap with fucking advertisements. That is totally unacceptable, like paying for cable and having to watch ads. You get either subscription OR ads, NEVER both. Not by me anyways. If I can't watch your show without having cable, I either won't watch it, or if it is one of my favorite series I will pirate it. Either let me watch it with basic, minimally invasive non-repeating ads, purchase it for less than 5 bucks an episode somewhere online, or it will be pirated because nobody is dealing with your bullshit.