Given that ad networks are the #1 vector for spreading malware, I view ad blocking as basic computer hygiene. To me, it's no more controversial than washing one's hands after using the restroom.
I try to stay out of the moral discussions about "consuming" content without "paying" for it. The way I see it, ad networks will regain their rights to run code on my machine when they start taking positive steps to ensure that said code will not cause harm or copy unauthorized information off my machine.
A funny coincidence: I had a phone screen yesterday for a full stack developer job at 23andMe. (Very good people from my experience so far!)
One of the questions was to talk about cross site scripting.
I described the basic concept and then mentioned how so many sites volunteer to be cross site scripted, by loading random scripts from multiple ad networks.
Some years ago I was working at Zvents on front end code for their partner sites. These were news sites who just loved to pull in as many ad network scripts as they could.
Those ad networks did not make my job easy. Here I was, trying to create a nice experience for our users, and robust across multiple browsers... And the ad network scripts kept breaking fundamental JavaScript features! A lot of my time went into reverse engineering their scripts so I could figure out how they were breaking things and work around it.
"Full stack" is an alias for web developer nowadays, and I thought everyone kind of assume that. Btw if one shouldn't use the term "full stack" unless he is also writing operation system, then maybe anyone who doesn't write hardware driver is not full stack as well.
> I try to stay out of the moral discussions about "consuming" content without "paying" for it. The way I see it, ad networks will regain their rights to run code on my machine when they start taking positive steps to ensure that said code will not cause harm or copy unauthorized information off my machine.
I'm generally ad tolerant. (I've said this on HN before). I didn't block ads. I'd even click ads if they were relevant to my interest. Although I don't think I've ever bought anything from an ad or as a result of clicking an ad.
I can understand the "ads are a way to pay for the content you use" argument and I have some sympathy for it.
Yet even I have installed an ad-blocker. I mostly use a mobile connection. Installing an ad-blocker has considerably reduced the stuff I download. An Ad blocker literally saves me money.
The controversial part isn't the adblocking per se, but the viewing of pages that have ads while using an adblocker.
It's fine to decide that ad networks don't have a "right" to run code on your machine, but the moral response (assuming you don't have an answer to the "consume content question") is to configure your adblocker to close any tab that would otherwise load an ad. If instead, you decide to view the page without the ad, then you need some answer beyond "I don't give ad networks the right to run code on my machine".
(I'm not saying ad blocking is morally wrong, just that your justification for it isn't sufficient. I block ads myself.)
I believe that for any electrical signals that enter my private space or privately-owned devices, I have the right to do whatever I want with, including decide how to render or display said signals, within the confines of my private space.
If you want to ask me to pay before those bytes will be sent to my private space, that's fine. You can recommend, but you cannot impose that I use a certain way to display your information. If I prefer using Lynx to view your website, I have the right to do that (and it won't show your ads because it's not even graphical). If I prefer using a modified version of Chromium, that's no different.
Ad blocking on a web browser is no different from muting the TV and grabbing a snack when the ads come on.
Yes, I understand advertising is a business model. That business model should take into account that a certain fraction of users are going to block them. If too many users start blocking ads, we can and will develop new business models to drive businesses. For example, perhaps a new form of advertising could be fun for the user, such that they wouldn't want to block them.
This, so much this. Let's not forget also that most ad blockers fail to block the best kind of advertising: curated, first-party advertisements that are delivered as part of the original page, and which read like the other articles on the same site. Kotaku does a great job with this and their sponsored posts.
It's not advertising itself that I object to, it's distractingly annoying motion and sound, and it's third party content injection. Advertising can be great, but the current trend is for it to be flashy and obnoxious, and that's not OK.
Some of this argument doesn't hold up. Websites are not electrical signals that just enter your space". You're explicitly requesting access to them. And, they are not free to operate. Your requests to view them cost the producer some amount of money.
I'm not a fan of ads myself and think they are frequently outright abusive (even without malware). In fact, I pretty much detest the volume of advertising today.
But, I don't get this idea that we have a right* to consume web content hosted on a private entity's servers. There is a choice not to consume at all. Yes, companies like CNN shove so many ads in their vids that they are now more ads than content. So, I no longer watch vids on CNN.
I also think the analogy between ad blocking and grabbing a snack during TV ads is lacking. In the former case, there is a "set and forget" tech that guarantees that no ads will be seen...ever. In the latter case, one must actively avoid each advertisement, and do so with near perfect timing.
>...business model should take into account that a certain fraction of users are going to block [ads]
The reasoning here reminds me of that employed by people who believe music should be free. But, I can't figure out why people who presumably appreciate an artist, think that artist should work for nothing. The answer is that they don't actually believe that. Instead, it really boils down to "let someone else pay for it".
Either way, my point is it's an oddly popular belief that's so inconsistent with reality it can't serve as a basis for any coherent argument about adblocking.
Sure it can, the law is neither immutable nor sacred. Just because large corporate interests managed to create backwards laws doesn't mean we can't ignore them or talk about what the law ought to be.
The people who make this argument aren't inconsistent, they also likely believe that decrypting satellite, breaking DRM, or generally hacking or cracking shouldn't be illegal but dealt with through proper security or private contract.
Slightly off topic but I should point out by the way -- I haven't stated my gender so I would strongly suggest the use of a gender-neutral language in referring to HN comment authors. Original poster (OP), parent, grandparent (GP) are common gender-neutral pronouns in forums.
(I do happen to be male, but I just noticed, and just wanted to make a suggestion for the future.)
(If you went through the trouble of looking up who I am via googling me or such, and then wrote the comment, then please ignore this and thank you for your attention to detail.)
Just a thoight, but in all likelihood it will be the exact opposite. With the eventual proliferation of functional VR tech that is available for everyone, we're likely to see every surface turn into an advertisement space. Every surface being re-painted in interior designs, and other content from the future VR advertisement conglomerates. Thus, with adblocked augmented reality, we may indeed be looking at a dystopian future of a world of plain and clean [morphing] surfaces that only exist to be augmented.
Wonderful idea. Show how it will transform some horrible highways like New Jersey Turnpike? But augmented reality and driving are a bad idea. Uber drivers can hand out the viewer
Many years ago, after the University of Toronto installed ads in the bathrooms, Steve Mann set up his Eyetap system to replace the ads with pictures of waterfalls.
I'm thinking of that every morning when I enter the subway. Oh man, I wish I could use that advertising space like giant windows with live feeds of beautiful landscapes.
Sorry, but that's crap. I have the absolute right to request data from other websites. If they choose to send me that data, that's their decision. If they choose to include ads, that's also their right, but I in turn have the right to ignore or block those ads and not run that Javascript on my computer.
If they don't like this, they don't have to send the content to me. If they want to try to make it difficult for me to see the content without also seeing the ads, they have that right. I have the right to take extra measures to block the ads anyway and still view the content.
Again, if they don't like this, they don't have to send the content to me at all. If they really want to make sure I view the ads, they are perfectly within their rights to only show ads first, and then make me take a test to ensure I looked at the ads and understood them and remembered things about them, and only then show me the content after having proved I viewed their ads and paid close attention to them.
They could also devise measures to detect ad-blocking, and then block my IP address from viewing content in the future until I pay a fee or prove that I've viewed ads as above.
As long as websites willingly send me content, I have every right to view it, however I choose to, and I do not care what a bunch of pro-advertising moralists in discussion forums think about it, and I utterly reject their insane idea that some unwritten contract exists that somehow requires me to not view content without viewing ads.
Before Netflix, did you sit and watch every commercial intently, never breaking concentration? I don't pay for Hulu without ads and I turn down the sound and go about my business while they play.
While driving do you pay attention to each billboard or ignore them?
Do you switch radio stations when commercials begin and the content you wanted to hear is over?
My response is that it has always been my right to decide what I see and pay attention to. Adblockers are the extension and automation of my will.
I shed no tears if you don't get a +1 in impressions according to the metrics your advertising network keeps, because if they took the time to gather the same statistics for other advertisements I encounter in my life, they'd get the same result.
That lack of impressions implies something important: your mode of advertising/revenue generation is shit and it should be changed. Luckily, it seems enough people think the same way that it can't be ignored.
Advertising is ugly, it is an unwanted distraction and it is often visual pollution. Take a drive through districts that ban billboard advertising. The obstruction of natural beauty and assault on the senses becomes offensive on your return to areas that have no such restrictions.
Computers make it easier to track who views ads, something that's hard to track in real life. Computers also make it easier to automatically apply that mental adblock, something that's also hard to do in real life.
I call bullshit. We are force-fed advertisement on the way to work, to vacation, and while browsing the web. Your primitive reptilian brain has been sold to the highest bidder.
What right do these corporations have to manipulate people into buying things, making them feel incomplete for they do not have the abs, the breasts, and phones and the shoes that the sexy models of these ad boards have? Burn them all, I say.
Too bad nobody campaigns for elections with stating they will get rid of all and every advertisement not closely tied to a local or nearby business.
I did not suggest that corporations have a right to advertise. I suggested that you don't have a right to consume content while blocking ads within, and if you don't want those ads, you shouldn't view the page.
Your failing monetization strategy is none of my concern. Run a Patreon or allow me to donate once every while instead of potentially hurting me psychologically. If you hold the opinion that i have no right to your ccontent without paying, use a paywall or similar. But your suggestion that I have no right to something is utter hogwash. Where are your basis for such claims? Where have I signed anything regarding this?
People calling out others and saying that another person has no right to this and that is nothing but forceful catering. You see others live happily and call them out on it. Go live in the pit of your misery if you will, but cease telling others what they can or cannot do.
An HTTP request is not hacking. It's a GET followed by a 200 OK. The server has the option to redirect to a paywall, or respond with 403 Forbidden, or do any number of things. That they are responding with 200 is not a bug that we're exploiting maliciously.
Exploiting a server that exposes a root console by mistake would also be fine under the same logic. You haven't given any principled distinction between the two.
By installing an adblocker, you're intentionally blocking access. Is your argument that you didn't realize the website didn't allow it? You think that will hold up in court?
I'm blocking it once it reaches my computer. The website doesn't have any say with what happens on my computer. I'm not hacking their servers or doing anything their servers disallow. My web browser is sending them a request and they are responding with content. That's their only point at which they have a say in what happens.
I don't know why you have such a hard time understanding this. The case you linked to involves someone exploiting a bug in a server.
There's no bugs or exploits involved with the ad-blocking scenario. Sure, the website intends me to view the site with the ads, but what you are failing to understand is, they have no moral or legal right to tell me what I do with the bytes that they purposefully, in full awareness, sent me.
How is "bug" defined, and why does it make a legal difference in liability?
What does "in full awareness" mean? If they knew you were blocking ads, they wouldn't have sent it. The bug is that they didn't detect it. Why is ATTs thing a bug and this not?
You can't be serious with this. You think it's a bug that a website doesn't know what I'm going to do with the bytes they send to me?
I think the fundamental issue you are having is that you don't believe in property rights. Namely you don't think that my computer is mine, and that stuff that gets transferred to it; assuming the transfer was done legally in good faith, belongs to me.
I highly doubt you feel this way about meatspace; I doubt you think someone who hands me an apple has the right to tell me how to eat it. Yet when it comes to computers, you do feel this way.
pdkl95 has done a much better job than me of arguing this point, so I should probably just stop. But it bears repeating:
HTTP is not a contract. Sending me your content is not me agreeing to do stuff that is linked on some other page. If you want me to agree to view ads, or paypal you $20 first, or give you my first born child; you need to send me to another page first where I agree to it. TOS is not a gotcha. You can't trick people to agreeing to something; there has to be a "meeting of the minds".
This is precisely the point that I'm disputing, not the notion of property rights.
You still haven't given any definition of the terms you're trying to use to justify a distinction between the two. You claimed that any time someone requests something over http and the server sends data back, the person cannot have been doing anything illegal. You have not given any principled difference between that and the cases where courts found differently.
I've linked to lawyers making the same argument as me; I don't believe you've found any lawyers who agree with your claims here.
Re contracts: as I've said, that applies to scenarios when you've agreed to TOS. If you know a website has certain terms, then accessing it is agreeing to them. So your point is only valid if you can credibly claim that you didn't know the website doesn't allow ad blocking. If you think you can convince a judge that you had no idea some websites don't allow ad blocking, and that you therefore had no intention of breaking any agreements by browsing the web with your ad blocker installed, do whatever you want. But the very fact that we're having this conversation and you aren't telling me "no website would ever outlaw ad blockers in their terms" means that you recognize it as a possibility. It would be an interesting legal question as to whether mere probable knowledge (i.e. negligence) can suffice to be liable, or one would need to demonstrate actual knowledge: if the latter is found to be the legal interpretation, then I suspect ad blockers could be required to recognize when a site refuses to be viewed with an ad blockers, and not show the site at all then. Installing an ad blocker that doesn't do this would then be malicious.
This is admittedly speculation, although it gets closer as to what the actual legal question would be here. If you can cite precedent that bears on this directly, that would be better.
"In full awareness" means they know they are sending you data and that you are free to do whatever you want with it. You could view it with Lynx, or some other text only browser, or with a modern browser with Javascript turned off, or with an ad blocker, or with a computer program or script. There's no contract or agreement that says you have to display the data returned from the web server in any specific manner.
> If they knew you were blocking ads, they wouldn't have sent it. The bug is that they didn't detect it.
No, they have no way of detecting it. That's not a bug, it's how the medium functions. You might as well say radio stations wouldn't transmit if they knew I turned them off for a few minutes during commercial breaks, and claim that that is a bug, and that I am illegally exploiting that bug for free radio.
Oh my goodness, I went to the bathroom during a commercial break when watching TV last night. How much should I pay the TV station for stealing that show from them?
>You might as well say radio stations wouldn't transmit if they knew I turned them off for a few minutes during commercial breaks, and claim that that is a bug, and that I am illegally exploiting that bug for free radio.
Radio stations inherently can't selectively broadcast. Websites can.
The fact that websites already attempt to prevent ad blocked users from viewing content means that they would block it if they would know. Exploiting the fact that they don't know in a particular case (by using ad blocker blocker blockers, which are a thing) is exploiting a bug.
Plenty of websites have a contract or agreement about data they send you. See e.g. Youtube's terms of service, section 5.C.
> Radio stations inherently can't selectively broadcast. Websites can.
If they can, then there's no problem. If they can't selectively broadcast, or can't do it exactly as they want to, then you're back to the radio case.
> The fact that websites already attempt to prevent ad blocked users from viewing content means that they would block it if they would know.
Fine, but they apparently don't know how to block everyone they want to, so it's their choice to continue sending data to everyone they aren't blocking.
> Exploiting the fact that they don't know in a particular case (by using ad blocker blocker blockers, which are a thing) is exploiting a bug.
No, that's not even close to a bug. You clearly don't know what a bug is. This is a limitation of the transmission medium, known by all parties, where all parties can chose to stop participating at any time. They are in general unable to verify with certainty what any given client will do with the data that the server sends back. This is a property of the protocol used by everyone, not a bug in the server's software.
> Plenty of websites have a contract or agreement about data they send you. See e.g. Youtube's terms of service, section 5.C.
That says nothing about not displaying ads - it's talking about violating copyright. And it's not something it even normally displays to people AFAIK.
For the 1000th time, SHOW that contract. Do you even understand what a contract is? Youtube et al have a document they call the "terms of service", but that is not a contract.
Seriously, show where Youtube offered terms, where the user had the opportunity to read, review, and understand those terms, and where they signal their acceptance and intention to be bound by the terms of the contract. The exchange of consideration - that is, Youtube sending a video in exchange for the user giving their time to watch certain ads - only happens after the offer and acceptance.
Documents don't magically become contracts because you wish they were binding. Do I really need to include a link to a TOS for reading my comments to demonstrate why unilateral contracts are an insane idea?
This belief that you get to control what people do with data after you hand it over is highly unusual and antisocial.
Your "hacking" analogy is irrelevant; hacking and contracts are completely different categories of law.
> the law
I am very familiar with contract law. You might want to read about it sometime. HTTP does not involve an offer, a meeting of the minds about the obligations the contract would create for each party, or anything that signals acceptance of the offer.
If you want to argue that an HTTP request creates any obligation for either party, then you need to show the elements[1] that created the contract.
There are two different points here. Firstly, the claim that merely requesting data can't be illegal is shown to be wrong by hacking, which is illegal even if it only consists of requests. Second, the comparison to contracts is when the TOS was agreed to. Even the EFF agrees that they can be legally binding, as I linked to elsewhere. https://www.eff.org/wp/clicks-bind-ways-users-agree-online-t...
Asking for a page over HTTP isn't hacking; again, this is entirely off-topic.
> TOS
The TOS wasn't even presented to the client. (an <a> tag to the TOS isn't a the TOS itself, nor is it an offer of a contract. It isn't even an "invitation to treat".
> agreed to
Nothing has been agreed to. An HTTP request sends a GET, and the server volunteered to send a page of content as their reply. They could have sent an offer of a contract, or some sort of "access denied" message, or any other response.
> See also
LOL. That page is a nice example of properly handling a request.
The use of ad blockers is on the rise, especially...
</div>
<div style="font-weight: bold">
To view the full article, register now.
</div>
Sorry, no, I'm no going to register for a shady site like that just to read someone's legal fantasies.
See what just happened there? They made an offer, I declined to accept it and didn't receive the content. You negotiate the contract before you exchange consideration.
I'm sure there will be lawsuits against ad blockers. That's what failing businesses do. That doesn't mean their claims are valid.
Contracts are not surprises or gotchas. Show how the elements of a contract (an offer, acceptance of that offer, each party's intent to be bound, and the exchange of consideration), or your claims are just wishful thinking.
>Nothing has been agreed to. An HTTP request sends a GET, and the server volunteered to send a page of content as their reply. They could have sent an offer of a contract, or some sort of "access denied" message, or any other response.
Again, as the example above shows, this logic has not been accepted by the courts.
Re law360: I followed a link from Google and didn't realize that it was regwalled.
The answer is the same as why you are morally justified in skipping commercials on your DVR, or ripping ads out of a magazine. Content creators do not get to decide how you view their content.
Of course, pirated movies are not acquired legally. We can debate the (moral) legitimacy of the laws, but that's a different animal than modifying content that you have legally obtained.
So if websites sent you a license agreement before serving content, which required you to load the ads for that content as the condition of viewing it, would blocking ads at that point be illegal?
If this became a standard, automatic component of the web and of browsers, known at install time, wouldn't that move ad blocking into poor legal territory?
IANAL so I can't answer your question. But I think we can posit a world in which advertisers have garnered enough political clout to enact anti-ad blocking laws and that would shift the conversation.
At that point it still wouldn't be equivalent to pirating, IMO, but rather more like using DeCSS to circumvent DVD scrambling.
>At that point it still wouldn't be equivalent to pirating, IMO, but rather more like using DeCSS to circumvent DVD scrambling.
You're not paying. This seems more like borrowing a DVD from a library or friend, then ripping it using such software and watching it after you return it.
It's not, the creators (the website) directly gave it to me. I'm not borrowing it from someone that paid. My browser sent them a GET and they replied with 200 OK and some content. Whether I paid or not is irrelevant; they voluntarily gave it to me.
IANAL so I don't know whether I am required to read or obey a site's TOS, or which parts of a TOS are legally binding or not. My intuition is that they cannot restrict me from blocking ads with their TOS, but again IANAL so it's possible I'm wrong here.
That's talking about "click-wrap" agreements. That's where they show you a bunch of legalese, and then you have to click on a button that says "I agree" after it. Clicking "I agree" assumes the user has read that and agrees to the terms.
Just browsing to a website is not like that. There's no place where you have to read any TOS and click "I agree" when you go to abcnews.com or whatever.
Contracts are formed by offer and acceptance, a signature can be a method of documenting acceptance, but, except for certain kinds of contracts specially designated in law, are not required for a contract to be formed.
A TOS on a different page that you didn't present before sending any "content" such that there is an opportunity to either accept or reject the offer is not a contract. Contracts are not a "gotcha" that you can surprise people with nor are they established without an understanding by both parties of the obligations that would be created by a contract (the "meeting of the minds").
If you present reasonable[1] terms first, then receive some type of notification that the terms were accepted (as you say, signature is not the only option), only then will a contract formed that could obligate someone to not run an ad blocker.
[1] unconscionable or misleading terms are unacceptable and can get the contract - whole or in part - thrown out.
That's an interesting idea. I'd support an ad blocker which took a certain set amount of money per month and divvied it up amongst the sites whose ads it blocked. Heck, I'd probably throw $50/month into it.
Any site that served ads like that I'd be happy to white list. I'd go further and be happy for uBlock or adblock to never block those sort of ads (uBlock didn't btw).
* Static images
* tastefully integrated
* Self hosted, so no networks tracking me worldwide
* No JS
I can still read in comfort. Much like newspapers and magazines used to be.
I'd even be happy to click, and perhaps buy from ads like that.
This comes from someone who goes elsewhere rather than turn off noscript or uBlock. :)
Well done, you invented the future of online advertising. Oh, wait...
Looks like your editorial content is in the main left-hand column and the adverts are in the narrower right hand column when viewed on a laptop with a 1280px wide screen (linux/firefox).
I have a hosts file that blocks most of the ad servers but do not have any plugins within Firefox that disable js or block adverts. Your page looks complete - i.e. nothing showing 'unable to load' signs as one might expect. Privacy Badger shows 4 trackers (amber)...
The adverts appear to be smallish static images with links back to office furniture companies &c.
I found the SpaceStor advert for their 'railway carriage' internal booth quite interesting so I clicked on it and was taken to a UK Web site - are you processing location information or did I just get lucky?
They are UK-based. Glad you found the experience a decent one, the more I hear about ad-blocking, the more I feel encouraged to just make ads more simple and it seems to be paying off.
This is why I love HN. You randomly find the people behind things you love. OS is great (Although I used to love it more when I knew the companies being listed).
Well some can, and do. However the ad business has long since become a race to the bottom. Refusing customer demands is not a way to "win" a race to the bottom.
At a high level, a plaintiff would claim that advertisers were using javascript to gain "unauthorized access" to "information from any protected computer".
It's been tried before. Google "CFAA flash cookies" or "Halperin v Text Enhance".
Didn't pan out. The plaintiffs typically fail to meet the $5k damage minimum within CFAA. I assume there are other strategies advertisers could use to defend it, but the $5k minimum is an easy path.
Also tried and failed. Something legal about failing a test for appropriate aggregation.
Edit: A snippet of an article about the Halperin case...
'the court says that it can’t aggregate the harm to other putative class members to satisfy the damage threshold unless the damage arises out of a “single act.” And that poses a problem as the complaint is currently pled. The surreptitious install of the program by thousands of consumers (and putative class members) is not a “single act,” so Halperin can’t rely on this “act” when aggregating. Halperin argued that he shouldn’t be subject to the no-aggregation rule.'
Sounds like you're trying to compare a civil class action lawsuit to a criminal case.
Additionally, if the botnet does what it typically does..that is, coordinate to attack a specific website, that sounds a lot like a "single act".
I'm not trying to argue with you, just noting that others have tried to persue your line of thought and failed.
Edit: Regarding "I'm just wondering how ads/trackers get such a pass from CFAA"
To date, they get a pass because nobody can show $5k damages for a "single act". Of course, that may not be the only defense strategy they could employ. It's worked well enough thus far that they haven't needed to argue anything else.
In the reverse direction, where an end user does something like "add some funny thing to the url" on a popular website, it's easy to show $5k of damages, because the target isn't one person's home PC.
I'm just wondering how ads/trackers get such a pass from CFAA. My initial comment was about JavaScript, but Halperin is about adware install! And isn't merely creating botnets illegal? Even if you use them only for good things.
OK, so there are criminal and civil liabilities for pwning corporate websites. But it's OK for corporate websites to pwn user devices. Because there's a $5K damages threshold for CFAA, and also a damages threshold for tort class representatives.
That's arguably a huge bug in the legal system. Maybe there's a niche for private compensation services. Anonymously crowd-funded. Somali model.
I'd like to see some stats on that. I'm relatively certain email is still the biggest attack vector. JavaScript in this day and age is remarkably well sandboxed.
I know, but I'd like to see the numbers. Do people in 2016 have the same email habits as in 1996? I don't know, but everywhere I look, people are running safer email clients, usually in the form of well-sandboxed applications that hide most of the sharp edges from the users. I'm willing to bet email is a smaller vector today than 20 years ago.
You mean this site that pops you into said article, but then scrolls you to the top of the page to shove advertising into your face without even letting you glimpse at the searched for content?
For that, this:
echo '0.0.0.0 heimdalsecurity.com' >> /etc/hosts
There are ad networks that do take positive steps to ensure that code is not harmful. Do you look into the ad networks you block and whitelist ones that are clean? Or do you rely on Eyeo/ABP by using their acceptable ads list while they take a cut?
I will start whitelisting publishers once they take full responsibility and become liable for the data that they distribute. So long a website thinks that they can transmit a virus and let the user take the fall, then I will do my best to protect myself.
To my knowledge, there isn't a single publisher or ad network that take full legal responsibility if they distribute malware, false goods, or have other form of illegal ads. If there is one, let me know and I will take a look.
I've often wondered about this. How can there be no liability? And yes, I'm sure that there are usage terms buried somewhere. But warning people that you may attack them doesn't absolve you from criminal charges and/or civil liability.
Nothing stops you from suing them; if the real damages can be proved and are great enough to justify the cost of a lawsuit than it may even be worth doing. If real damages were in tens of thousands I'd at least hire a lawyer to send them a letter and see if you can get an easy settlement.
Not only difficult to prove, but also difficult to even get an idea of whom to sue.
Got burnt by some ransomware, now what? Use that backup you hopefully have and that's it. In the time between backup and damage, the primary browser would have touched just about every ad network in existence and nobody knows how many other unpublished holes might have been responsible for the malware to leak in.
Art the other end of the range, if you are a security expert analyzing the incoming flood, you may have an abstract case of attempted computer fraud, but no concrete damages.
Edit: could this change once ad-blockers have caused the introduction of server-side splicing of ads and content? (I suspect that this will become the main business of edge server operators not too far down the road)
> Edit: could this change once ad-blockers have caused the introduction of server-side splicing of ads and content? (I suspect that this will become the main business of edge server operators not too far down the road)
That's a good point. Maybe ad-blockers will impose accountability.
Edit: There's a tendency to be irresponsible when effectively anonymous. But there's still risk. Let's say that some ad network is hosting ransomware. Well over 99% of victims will have no provable damages. But maybe you take out some business and all of the day's backups. There's also the potential for class tort.
When it comes to computer intrusion, you often do not need to prove damages. Many jurisdiction has made it a criminal offense, and other has based damages on the amount of time a professional would spend on repairing the damages.
Each personal computer and laptop should be in the range of a $200. A work desktop or server should be in the range of $2000-5000, since then you got to verify the integrity of data and secrecy of costumers. Since a maladvertisement attack hits tens of thousands of users, a class action suit could be in any range, and it would be hard to guess the end result.
To me, you are describing one of the core problems of ad networks. As long as they are not accountable (or simply never have to account) for malware distribution ad blocking will be the best protection...
The only time an ad might be remotely useful to me is if it's product placement which is on topic for a search that I am performing where I am already looking to buy something. At any other time it's just wasting bandwidth (which on some networks might actually cost me).
I think that 'ads' are the wrong tool for the job. Ads are about 'making impressions', but doing so is actually an attack on the intellectual process of the subject that is being impressed. The very least an Ad should do is compensate for that attack by delivering actually useful and desired information. An ad should know from the context it's presented in what that user seeks and attempt to deliver value to that user. Ideally it should be about finding a match between consumers and the producers that match their need. The toxic part of ads is that they are not driven by this bounty, but instead by attempts at various companies to become the thing that fulfills a need which might not exist or which might be actively unhealthy.
I'm going to start with a rant and then give you the solution you're asking for. Think of it as an advertisement for privacy. CTRL-F for "Here's a solution" if you need to, but you should read the rest.
All advertising was "clean" at some point, consisting of just images and links. Web advertising changed direction at some point, following the money vendors paid them. And it's absolutely impossible to guarantee that owners or investors won't change policies later. Even if a company says that they'll never do it and put it in the TOS, they can still change it at a later date with no repercussions. Even doing something outside the TOS has few consequences, so sites and ad companies can lie about their policies. Which would be cheaper than actually reinventing themselves. So, thinking about it like this, your incentives aren't reliable and will likely expire at some point in time, rendering this approach useless.
Expecting users in various industries with various levels of skill to have the motivation and expertise to clean up your industry for you is beyond ridiculous. Each individual user has such a low financial impact on final ad revenue that it would take a social movement beyond massive to have any reasonable effect.
You're really targeting the wrong audience, here. There either needs to be some type of reliable third-party (if that's even possible, given the corruptability of this industry) who tracks ad network reliability, or vendors need to incentivize clean ad networks by not buying ads on networks that allow for exploits. You need to either self-regulate, or eventually be forced by regulation (either legal or through ad blocking). If there was a reliable, trustworthy industry clean up solution that didn't revolve around people paying to remove demerits (e.g. Yelp review), maybe we could all stop furiously ducking ads and see what's left after the adpocalypse.
Here's a solution for you. Perhaps an enterprising "clean" ad network could build an extension that checks pages for third-party-hosted javascript, hidden images, and all the other tracking/exploitation techniques and rates them with an icon. That would be a far better way to market, as long as they don't try to exploit that gained goodwill. Post it on Github, keep it open. Base the entire thing about tracking sites that (directly or indirectly) use subversive techniques. Rate them and give them a black eye publicly, and include a public appeals process. This has to be automated and updated so that they can't get around it with new exploits. Build the results of this into a list that can be used by adblockers directly. But even without disabling ad blocking, you could see from this extension at a glance which sites operate in a non-user-hostile manner.
EDIT: This solution here means that users don't have to "check" to see which sites and platforms are clean. They opt-in to find the information, and then it shows up on whatever site the see. All major browsers have been adding support for Chrome-style extensions. And I can find this information out before disabling ad-blocking, and be notified of sites that have significantly worsened. Seriously, if serving ads is something you want to do, I can't think of a better way to increase reliability than this. Also, you can't use this extension to track users, either. Even anonymously.
Once again, users shouldn't have to go seek out clean advertising. There's literally no incentive at all for someone to say, "I want to see ads, so I'm going to spend hours investigating agency practices and which servers belong to which agency". And there never will be. As a user, it would cost me hours of time to educate myself, and I'd have to do it repeatedly to keep aware of which companies are toeing the line this week. All to earn you a few cents out of the goodness of my heart. The people who are buying and serving ads need to clean it up, or risk it collapsing around them. And they really should not expect sympathy or understanding until it's no longer risky to offer it.
I have no plans to unblock any ad network. It's simply too big of a risk these days, even for those of us in IT.
You might not like it, but sites are going to have to go back to the days where they host the ads on their own domain. I suppose they may still interact with an external network so they don't have to handle the sales themselves, but making sure everything is hosted from their own domain means it'll be much easier to hold them liable if malware is delivered through their site.
I don't see what the problem is: if the advertisers only pay the site owners based on actual click-throughs (rather than impression), what's the problem?
I think the problem is that for most ads, impressions are the bulk of your value. For example, a company might advertise so that when you do actually need their service, they come to mind first.
I would consider unblocking an ad network that serves static-image ads only. No gif banners, no JavaScript, no obnoxious or deceptive behavior such as trying to blend into the page and looking like a native page element to trick the user to click it.
Go to projectwonderful.com and use the advanced selector's global column to turn the projectwonderful.com row green.
You'll need to have turned on advanced mode for it to work. And of course, this only works with PW because PW serves ads from only its domain. Most ad networks aren't nearly so nice.
When you're sure your changes are good, hit the lock button to save them.
What happens when The Good Networks decide they can earn more revenue by serving you questionable code?
The task of whitelisting becomes much more involved when networks are incentivized to act maliciously or turn your private data into something profitable.
You'll have to be on the constant look out for when Network A decides "don't be evil" affects their bottom line.
In the future we'll look back at this era of web advertising and security completely bemused: the state today is that most major websites hand over control, context and trust to unknown and untrusted third parties to execute whatever code they wish. They do this dozens of times per page request.
This is similar to my position. Some people take an absolute moral stance that it is unacceptable to show people any ads, ever. That seems silly to me. My problem is with ads that are intrusive, or deceptive/clickbait, or malware-laden, or slow my browser to a crawl.
lol, just reminded me I had set up a google analytics on my blog a long time ago before thinking about it and that I have been complaining about the idiots putting google analystics for more than one year.
Oh gosh. How much google analytics did I put during the 6 months where I thought it was the alternative to parsing logs for stats on my server when I believed in the clown and migrated to it?
PS: I try to quit looking at stats as much as I try to quit smoking ; it is the only sensible alternative. I should not care about them.
There are good alternatives to Google Analytics that are FOSS and allow you to self-host.
Piwik is excellent and simple, and SnowPlow is very powerful if not user-friendly.
Server logs are pretty unreliable, and don't give nearly the depth of data that a true analytics service does. I think a self-hosted analytics service does very little harm, as the main danger with Google Analytics is the potential for cross-domain tracking.
Also, a very big danger with non-FOSS analytics and ad services is that they are all, in effect metadata for governments to sweep up. It's much easier to log a bunch of Google Analytics requests than to log someone's entire Internet stream; yet capturing analytics gives you a fairly exact view of exactly what they did online by tapping only a few services. The total bandwidth for capturing ALL global analytics requests is fairly small.
Officials can then claim with a straight face that it is only meta-data - they only need to log the request with all the data in it, not the response from the server, which is usually a transparent 43 byte GIF.
By using your own server, and modifying the default URL structure, a government has to track your site directly, which is unlikely unless your site warrants interest. And if everyone did this and had HTTPS, the NSA's job goes from cracking a handful of provider's HTTPS (Google, Adobe, etc) into cracking hundreds of thousands.
However, adblockers also block Piwik and other FOSS analytic solutions.
The argument is that it's trivial for sites to share and network their results, building up a profile and effectively tracking users across sites. It completely sucks because 99.99% of people with Piwik are not doing so, are not tracking, are not delivering spam, or ads and just want to know how people are using their site.
That looks like a very nice solution, and probably covers what most people would want out of Google Analytics for a simple site. Like you said, for a personal site, stats are for curiosity and the vanity/need to know how many people came to the site. But still, that's not quite true - you might start writing more articles about a topic which got lots of traffic, for example. That's not mere vanity or OCD, that's site optimization.
For a simple site, weblogs probably give enough information to perform site optimization. I do think that there are lots of stats any website of sufficient scale needs to fine-tune operation/marketing which are NOT available via weblogs and in fact require some JS to be on the page.
There should be a way to get this limited information without infringing on privacy and without having data gaps from ad blockers.
When you are talking about structural failure of a system - how about an action that fails 80-99% of the time? I'd consider that a failure. Internet advertising as an action created by companies is a complete failed system propped up by players like Google.
I bet that as a total percentage of visited sites from webpages, advertising will account for a tiny fraction.
The perception by advertisers that this is a product they should buy, even though it fails massively, and is very very hard to attribute value to, means we are only one small hop away from billboard and radio advertising.
The illusion of statistical/analytical evidence is so frail without a massive privacy compromise, it makes the whole task seem pointless from both sides.
Now that malware is a part of the mix, makes everyone think - lets just block this shit and get on with our lives.
The ad business now is like a computerised 80's junk tv ad marketplace. Offering little or no value to anyone.
The original instinct by the OP was correct, users are at the heart of the internet - not companies.
Well, you could say that advertising companies are actually in the business of tempting their clients into advertising by promising them the ability to tempt the general public into buying their products.
The problem imo is that, ever since Google has paved the way, monetizing an online product has become fixed on a single, double-edged strategy: either show ads or sell your users' data to advertisers.
I've been thinking this for a while: would it be feasible to create a labelling body for online advertising and privacy?
I see it a bit like Fairtrade or FSC certified, but for advertising and tracking - an independently verified set of criteria which must be met to be awarded the standard. As an independent body, it wouldn't have the conflict of interest of, say Eyeo/ABP.
And unlike offline standards agencies which rely on self-certification and occasional inspections, the testing would be done at the browser plugin level to filter out any scripts and ads which don't meet the standard.
A combination of marketing to end-users as to the benefits of ethical advertising, and real-time feedback to site owners and advertisers as to which ads were blocked, why they were blocked and how much money that cost them could be a powerful incentive to clean things up.
There is a non-profit association that is in charge of building standards and regulating (as much as possible) online ads. It's called Interactive Advertising Bureau (http://www.iab.com) and they are described as :
"The Interactive Advertising Bureau (IAB) is an advertising business organization that develops industry standards, conducts research, and provides legal support for the online advertising industry. The organization represents a large number of the most prominent media outlets globally, but mostly in the United States and in Europe."
Their cause is great and they have been establishing solid foundations but the very description shows it's limit: "mostly in the United States and in Europe". The shady ad networks are usually registered and host their content in none of those regions which means they are free of any standards and there isn't much the IAB can do about it.
> testing would be done at the browser plugin level to filter out any scripts and ads which don't meet the standard
I think you are describing pretty much any ad block plugin. If you serve ads from your own domain with an img tag, they don't be blocked. It's just that very few people do that.
Yeah, technically it wouldn't be all that different - but the user-facing side would.
If a site met a particular level of privacy, the relevant badge would be displayed - sort of like a SSL padlock - as a reassurance that the site was trustworthy. Or a bit like, cheesy though they are, those valid HTML/CSS buttons.
Ten years ago there was a big push for web standards, vaguely defined though some of them were, and from that it's now unthinkable to build a site which isn't standards-based. We need a similar push for tracking and advertising.
Like the web standards movement, which wasn't led by browser makers or website owners, but by developers and designers who realised things couldn't continue, the ad-tech and publishing industries are not going to be able to do this themselves, but need pressure from outside.
This issue really feels like an endgame in chess in a game between good players.
1) publishers can't just switch to serving images with their text and ads, because advertisers do not trust publishers, and this would enable them to cheat. So they can't move, they need the 3rd party tags.
2) browser vendors can't "fix" this, despite several browsers being done by large players in ad selling space (even IE's successor, Edge, seems to be making efforts to support ad blocking).
3) end-users won't switch on ads because publishers are overdoing ads, or they are helping malicious actors, or are simply malicious themselves.
4) advertisers can't switch away from the internet, because the internet is eating the press, TV, radio, ... It just wouldn't work.
Everything is stuck and nobody can move. But somewhere in there is the answer.
The start would be if larger and trusted web publications started to run their own ad department. Like in the times of print advertising. Serve ads from your own server which do not try to create third party servers.
That is a good synopsis of the situation. Thanks. It also hints at the solution, which is a more trusting relationship between publishers, advertisers, and readers. I'll give The Economist digital edition (native iOS) as an example.
Ads are fine in the right context. For example, I don't mind seeing ads on Craigslist. Or an ad for a blogger's book or consulting services in the sidebar of a thoughtful blog post. But not, for example, affiliate links for a product in a pop-up over an obviously fake "review" consisting of stock photos and published specs and keyword-rich filler text. I would tolerate ads on news and other entertainment sites if they didn't go so insanely overboard. Tracking cookies and beacons are unjustifiable in any context.
I often wonder if ads are worth the trouble for most advertisers. Sure ads on Google, when I'm already look for a product makes sense, but besides that, I doubt they are worth the money and effort.
Most companies seems to advertise online, because the competitors do and you can't prove that they don't work. A large number of advertising sponsored sites would have to reevaluate their business model, if the people moving physical goods decide that ad-networks aren't worth the money. Sadly the only alternative seems to be some sort of micro-payments, which have yet to materialize.
Online ads, including targeted ads, isn't something I have much faith in. I have yet to see it work, outside search engines.
Based on previous discussions on HN, it would be incorrect to say that "HN hates ads so much" (1) and that many HN readers do indeed protect their investments in ads - it pays them directly. To attack ads, attacks their wallets and thus it is only natural to protect ones investment.
edits: (1) However, its only recently that theres been this major discussion about ad blockers, and perhaps those who are not opposed to them are either changing their view, or are keeping silent as the majority opinion against ads is currently dominating the discussion.
Why do you link to uBlock instead of uBlock Origin? I thought uBlock Origin from the original developer is to be preferred, and that uBlock is no longer actively developed and the donations for uBlock do not benefit the actively maintained uBlock Origin.
> Looks like the link I was using just redirects to the new site.
There is no redirection: you are using "ublock.org" directly in your source code. I consider "ublock.org" to be a scam[1], and I consider your page to be propping up a scam.
The answer for banner ads is that they should simply be removed, because despite living in the boundless digital space all they can really do within the format is show an oddly shaped image.
As is clear by now, the only way for ad networks to provide any sort of extra value to the service is by choosing the exact image very carefully. To choose the ad carefully, the person browsed must somehow be differentiated, and there really isn't anything to do but tracking.
So ad networks must by logical necessity turn into unregulated surveillance networks and try to soak up as much data about every visitor, collect and collate this data for the express purpose of tracking individual behaviour and then use this information to choose the image.
This creation of a private surveillance network for tracking of individuals is basically the minimum level of sinister an ad network needs to have any sort of "dynamic" product. Yet, at the end of the day, banner ads don't amount to more than very basic content, so it hardly seems justified to create an invasive surveillance apparatus just to serve slightly less irrelevant content.
And there doesn't seem to be much at the other end of sophistication: paid sub sites with dynamic recommendations for the visitor based on stated preferences.
Banner ads can never amount to more than those small ads crammed into the edges of the newspaper, despite being in a domain where companies can talk to users directly and dynamically. The reason for this is that you don't have a conversation with someone trough a small hole in a newspaper and as long as that is how you serve your ads, spying on the user is the best you can do.
In a world of perfect ad-targeting surveillance, it should be simple and cheap enough to simply bid up blank banners for your browser, just your browser and on every site (maybe with some clever scripting to reject accidental clicks that would cost you a heavy premium).
Unfortunately, this would do absolutely nothing about the actual point of the article: that GUIDs introduced for harmless ad targeting are the light by which government spying systems are seeing persons in the otherwise quite anonymous data streams.
> As is clear by now, the only way for ad networks to provide any sort of extra value to the service is by choosing the exact image very carefully. To choose the ad carefully, the person browsed must somehow be differentiated, and there really isn't anything to do but tracking.
I don't think that's true.
People magazine is filled with ads that mostly pay for the magazine. The ad buyers know nothing about individual readers. Why do online ad buyers need to know more?
I think a lot of ad-blocker users use the same justification. They block ads because they can. Readers put up with ads in paper magazines because there's little alternative.
I've re-read your comment several times and I'm not sure I understand exactly what you're getting at in regards to what ads should be.
Advertising for decades has worked without the ability of advertisers to track their viewers or interact with them directly and dynamically, and it relied on exactly what you described in the opening sentence; showing an oddly shaped image in whatever newspaper, magazine, publication, or whatever they could stick the image on. With television, ads became minor productions in and of themselves, and while you could get some statistics as to who actually was putting eyes on your advertisement and when, there still wasn't really a need for a spy network to allow the advertisements to function.
As an outsider to the industry looking in, I'm sure there are steps I'm missing and not able to fill in myself, but I'm just not sure why it's essential to spy on people. Targeted advertising, in my anecdotal and admittedly very limited experience, is often little more than just shotgunning ads vaguely related to search results or things I purchased or looked at for whatever reason in the past. There's nothing dynamic or progressive about it beyond just spamming slightly less irrelevant information at me, though I really don't ever recall ever taking the time to actually follow through an ad link prior to adblockers. Ad-sponsored search results very often just get in the way of actual search results.
The idea of dynamic and relevant advertising seems completely foreign to me in that I can't really imagine how such a thing would actually look/work. Current advertising online seems to be very little more than a game that ad developers play to see who can trick people into clicking on their ad the most and who can collect the most data. Often times, the purpose seems to be less about the advertisement and more about the data collected via the click, or at the very least just generating the click or follow-through more than anything. It's particularly egregious in mobile spaces and apps where ads almost seem to be built around the imprecision of navigation. In Safari on iOS, I can't think of too many sites that doesn't place their banner of ads right along the bottom where you tap to summon the Safari controls, and it's even worse within apps with random pop-ups and ever-changing locations for the dismissal, which isn't much better in my mind than the pop-up warnings in browsers asking "do you really want to navigate away from this great deal?"
Advertising in the digital age, in my opinion, has just gone too far in the interest of what it can do instead of what is actually effectual advertising. The dynamic and progressive evolution of the ads seems less about actually providing and informing about a product and instead about gaming the online advertising market, and the fallout of such a battle is harming users.
I've often wondered if an ad blocker more like an anti-virus heuristic system could be created. It would look for suspicious looking JS and block it, as well as ban any code which auto-plays video or fullscreens.
Add some machine learning algos with image recognition and the user's ability to mark "Don't display stuff like this again" and there would be a very good compromise between viewing ads and keeping a device secure. More persistent tracking, especially cross-domain tracking, could also be avoided.
The alternative is something I've entitled "Enhanced Do Not Track", which consists of setting the DNT header and then maliciously editing advertising information sent by the browser. In time, advertisers would learn to actually obey DNT calls or face the prospect of terrible data.
Thanks for the heads up! I'm always very impressed with the EFF and what they do with my donations :)
I'll install it on my personal computer. An irony I have is that as a worker in the analytics field, I can't block ads or analytics on my work device despite knowing better than most the extent to which they track me. But when doing QA on a screenshare, I can't afford the chance of forgetting I have a blocking solution on and then not seeing any analytics requests pop up.
The main problem I have with the prevalence of adblockers is that now you have to "block" the meta-advertising people in discussion forums that criticize you or attempt to make you feel guilty for blocking ads on your own property any time the subject comes up, and it's a lot harder since the messages are usually targeted, handwritten, interspersed with useful content, and overall difficult to detect automatically.
One interesting idea would be to move the advertising server-side. Just smash a ruby gem in your project, or a PHP file, and let's see how well you'll sleep when you know somebody can inject code on your server whenever they feel like it.
If that would be the standard way to go, I doubt people would just bundle all advertising scripts they can find around the web.
Adblocking from the small-scale advertiser is a great money-saver. As an advertiser I would feel that the site is stealing from me when I see that they require people to turn off ad-blocking. I know their visitors that use blocking software would never buy from me anyway, so why should I pay to show ads to them?
In the old days, advertisers sent ad copy to the magazine / newspaper and they added it to their content.
I could turn the page or not read it. Sometimes it was interesting. In specialist magazines, the editorial content is often secondary to the advertising. I read "Professional Builders Monthly" so I can keep an eye on new products being advertised. My experience is enhanced by advertising.
The cost of effort is borne by the advertisers and publishers. The production costs are covered by the advertisers and the purchaser of the information (me).
On the internet there is significant cost to me. I risk malicious actors, I pay for bandwidth and CPU cycles, my attention is stolen by flashing and sound, data is collected on my habits and traded with who knows who - my experience is degraded not enhanced by advertising.
At this point, I'd seriously like to see that anonymity be built into a network protocol. Like a version of IP where the source field is removed, and the next-hop source is progressively encrypted like Tor does.
Then I'd love to see a filtering solution that blocks all third party tracking.
How about this: we make a new tag <advertising></advertising>
Inside this tag can only go text-link ads. Ads in any other form on the page will be ignored. But for ads with those tags, the text will be displayed at the top of the browser, in the premium location for users to see it.
This allows ads, reduces the impact of ads on visual clutter, eliminates delivery of malware via ads, and drastically decreases page weight and load time. In addition, by enforcing an arbitrary scarcity, advertisers will be forced to bid-up for one spot on the page instead of being lured into more and more complex advertising platforms that are unwieldy to operate and many times have dubious added value.
You misunderstood. The point wasn't to make an evil bit.
If we're going to have the semantic web, isn't advertising an important part of any page layout. Good grief, we have header, footer, microtags, and god knows what else. Advertising is at least as semantically important as the rest of it.
After all, that's all adblockers are trying to do anyway -- identify the semantic purpose of those hunks of code used for content sponsorship. This is semantically important even if nothing else changes in the deliver-render system.
Nah, we can now formally prove that the code inside an ad is completely safe. So much that this is proposed since a few days ago for direct inclusion in the JavaScript language.
What code is "safe" isn't necessarily something that's set in stone. Exploits could easily deliver code that looks safe but causes problems. And each new version could introduce a new exploit.
And then there's the upcoming WebAssembly, which is bound to be ruined by ad networks in the future.
>Many think that security’s choke hold on privacy started post 9/11, but this is not accurate. It had started half a decade earlier in the advent of the internet, and the popularization of mobile phones. Edward Snowden’s allegations much later, they too largely were part of the debate that started around 1995.
By the time Snowden came around, I felt like the battle over privacy had long since been lost. I felt like every passionate statement was a point in an argument made a decade earlier that lost largely due to apathy from the general community (though the tech community always held privacy at a high level of importance).
The way things related to privacy are today, they are irreversible, IMO. Forget governments, private companies have long understood the value of information. Whether it's good or bad, the point is moot. Now we're in the era of figuring out what to do with all the data. Luckily for the world, I feel that the data has much more indirect commercial value than direct. Yes, it's nice to be able to target users with ads about phones when you know they are ready to upgrade. But it's more valuable to be able to answer questions like "what are the top 30 locales in the U.S. where a x business would succeed", or "what elements would provide the most compelling story-line to a high budget movie targeting x customer base".
It's not that users' individual privacy is being held in particularly high regard, it's simply that collective information provides the answers to more interesting and more profitable questions.
Where government treatment of privacy is concerned, that's a pendulum that sways too far in either direction at any given point. It's a tough debate in general because people are constantly asked to weigh the balance between preventing their worst fear and creating it. You want the government to be able to break down any wall to get your lost child returned home, but you don't want the government breaking in your door because you happened to order pizza from the same restaurant as the kidnappers. At some point the person with the kidnapped child will be the most sympathetic character in the argument, at another the person who ended up in the hospital because of an unnecessary raid. Politics isn't about cooler heads prevailing, it's about garnering support and creating passionate followers.
One thing for sure, the U.S. government interest in technology and information has spawned some inventions that otherwise wouldn't exist. Things like realtime translation, advances in battery technology, gps navigation, and the internet itself are all examples where we wouldn't be where we are today without the enormous amount of interest and funding that follows a government project.
The weird thing about opposition to ad blocking is that downloading a page via curl or wget means I see no ads at all, just links to JS hosted on other servers. But nobody says those tools are unethical (I think).
Incidentally, I wonder why we don't see more ad networks implemented server-side as a way to help prevent blocking? Is it too hard to track with reasonable accountability?
Quite apart from the malware problem, the privacy problem may be unfixable. I have a friend working at $major-site-we-all-use who is tracking people who don't even log in and who have ad blockers installed. He cares less who they are IRL and just how he can send them "native" content. Bleagh.
> One of the pioneers of Javascript, the most widely used technology in the web today, Douglas Crockford argued that the most reliable and cost-effective method to inject malicious code on to a user’s device is to buy an ad.
Wow. Just wow.
Worse than email spearphishing, even. Totally automatic.
With regard to malware delivery via ad networks I'd think it would help already if web site providers where held accountable for all content delivered via their site. I don't understand that there hasn't been a law suit over this yet.
Is it feasible for a domain to only accept ads with static content?
Or, for dynamic content, share the relevant portions of their own JS / envelope third party JS into their own code base (and presumably scrub it/test it)?
Website protip: If you’re making a dedicated domain for your long blog post, also write a summary (so that all visitors can get something out of it, not just the 5% who are actually going to read the post).
This page is basically unreadable on my phone in portrait orientation. The enforced margins means the text has only a half-inch column down the middle, and often wraps in the middle of long words.
Very sorry about this guys. I've figured out what was wrong and it should work now for any modern phone. Thank you for flagging this, as otherwise I would have totally missed it.
The reader feature only works on properly structured and modern HTML. Unfortunately I find most of the time when sites look like shit like this one, the author usually hasn't bothered to write good HTML either. Often if you open it in Chrome (as opposed to Firerox Android) it fixes, because people have hardcoded the Chrome UA as their is-browser-mobile check -_-
Maybe I should just switch to Chrome on my phone, I only really use Firefox out of a strange sense of loyalty..
My Firefox on Android does have a readability feature, but for some reason it doesn't activate on this page. Fortunately it looks ok in landscape orientation.
Thank you very much for everyone who has pointed out the issue with the readability of the content. I'm very sorry for this issue.
Clearly your advice (px > %) is the way to fix this. I have to travel in a moment and the wp plugin I'm using did not support this, so will figure it out later today. In the meantime I reduced 150px to 100px, which seems to make the issue a little better for most screens (at least in landscape).
> In the current situation, it seems that at the very least we are going to see an increased use of ad blockers, resulting in further damage to internet advertising and national economies
This is absurd. Destroying my focus so you can sell your product does not "damage the national economy".
In a weird, perverse way, blocking ads really does damage the economy. Think about what subsidized newspapers, televisions, what drives google, facebook, and youtube - what galvanizes consumption, the great engine of any economy. While ads are annoying, intrusive, and even dangerous at this point, they play a huge role in "subsidizing" important goods and getting people off their couches and into stores, increasing the velocity of money and putting cash back into corporations where it can be pooled and turned into new products.
I don't think that's an example of the "broken window fallacy", actually. It is generally true that people who consume less, are putting less money into the economy, making aggregate demand lower, making the economy overall smaller. This might not necessarily be bad, but it's not the same line of thinking as saying that e.g. "breaking a window" will cause economic improvement.
The analogy is accurate. Breaking windows creates artificial demand, just like advertising. Advertising wants to break your contentment with the status quo, to make you "realize" that you need product X before you can be fully happy again.
This is one-sided. A lot of modern consumer advertising and especially web advertising works this way, but there is also the goal of simply letting someone know a service or product exists (and might fill a need they presently have).
The problem is this is a lot like search on the internet - if Google were "perfect", advertising wouldn't work, because it would always find exactly what you were looking for exactly when you needed it.
> ... if Google were "perfect", advertising wouldn't work, because it would always find exactly what you were looking for exactly when you needed it.
Advertising will always work so long as there is producer surplus[1] in the economy. If firm A and firm B both earn $10 of economic surplus on the purchase of some product, then either supplier will be willing to spend up to $10 to convince a customer to switch from their competitor to their product. If a customer considers the two firms' products to be substitute goods[2], then both products may be "perfect" search results, because the customer doesn't have a preference between them and considers them both to be equivalently useful, which is why Google can extract money from advertisers to show their product first without significantly harming their user experience.
People's consumption does not occur in a vacuum. If I spend less money on going to the movie theatre, I have more money available to buy books. Either way, I'm putting the same amount of money back into the economy.
If you want to know the real significant cause of lowering aggregate demand, look no further than rent-seeking and wealth accumulation. Billionaires aren't going out and buying their proportional share of movies, books, electronic goods, etc. They're using their money to collect rents from securities markets.
Sounds like we need a more precise terminology than a blanket statement of "damaging the economy." The economy still exists after these actions are taken, it has just become a different economy.
As far as I'm concerned, if content providers and media outlets can't find a way of raising revenue that doesn't involve scraping as much personal information as they can from me, as well as possibly infecting my devices with malware, then they can simply cease to exist.
That's why I fund Google Contributor. It's not perfect, but I'm ultimately giving money to the people who create content I like and helping to outbid the lowest-cost ad networks.
How does internet ads subsidise goods? They can subsidise internet connected services (by serving ads to the users), but physical goods? Do you mean like facebook getting cheaper servers by serving some ads for intel? I have a hard time seeing any reason for the ads on twitch for a free app to subsidize my next graphics card though.
There is also the fact that most consumption is driven by individual need, and ads only serve to steer the person towards one or another or another provider leaving the total economy largely the same.
Advertising is a form of persuasion, which - if you think about it - is a form of behaviour modification.
The traditional ad industry has understood how to modify behaviour since before the days of Bernays. So have politicians, lawyers, religious leaders, and demagogues.
Online ads are probably the least effective of the behaviour mod techniques, because they mostly just annoy people.
The online ad industry has always been less interested in a measurable ROI - i.e. increased product spend - than the trad ad industry. It preys on ad buyers almost as much as it preys on ad viewers, and I'm not convinced that it isn't a net loss for them.
Even so, let's not forget that ultimately the business is all about conditioning people to take action they wouldn't otherwise do so they can "be monetised."
I wonder if it's possible to have a win-win online ad industry that treats customers as adult equals instead of prey by giving them something back in return for their attention.
The ads on specialist blogs, which are usually sold direct, tend to be far more interesting and clickable than generic banners because they're closer to the ideal trade-off of something-for-something.
Most ads just want something-for-nothing, which isn't a great basis for a customer relationship.
Ah, finally someone who shares my suspicion that ad targeting is overrated. Yes, it is valuable for sellers of babystuff to advertise to expecting mothers, but pre-targeting brand awareness style campaigns still have their place/value. Those have absolutely nothing to gain from creepy targeting tactics, no matter how old-fashioned that may seem to those responsible.
I guess that at the buying end of the advertising business, just like in software development, many people just want to use the latest tools (ad targeting in this case) to personally stay on top of the game even if their use case would benefit more from a boring old blanket campaign. Think of a campaign for an insurance company: even if it highlights a product aimed at twentysomethings, it will still be nearly as effective when hitting eyeballs from other age brackets. So how much of a premium per eyeballs should they be willing for targeted over blanket? Very little. Yet I see quite a lot of that kind of advertisement in fully targetable channels and I suspect that is due to the same driving force that makes software people always want to play with the latest toys. One that has settled, the laws of supply and demand dictate that the premium for targeted vs untargeted will shrink.
Advertising isn't supposed to be a form of behavior modification. It's supposed to be a means of informing consumers so that they can make good purchasing decisions which will drive a free market in such a way that the _objectively_best_ products get the biggest reward. Any form of manipulation or dishonesty in ads contradicts this, and help undermine the idea that good decisions will be made in a free market.
I think many advertisers have gotten too comfortable under the belief that what they do is legal -- because it need not be. The ability to serve ads is a privilege that society gives companies in exchange for the promise of valuable information, competition, and innovation.
> Advertising isn't supposed to be a form of behavior modification. It's supposed to be a means of informing consumers so that they can make good purchasing decisions which will drive a free market in such a way that the _objectively_best_ products get the biggest reward.
That's very idealistic, and not very realistic. That role is filled by genuinely unbiased product reviews and recommendations from trusted friends and families.
Lots of companies who know they don't make the "objectively best products" still try to manipulate people into purchasing their products.
Advertisers very rarely provide value to consumers as they are designed to favor, and generate profit for the seller.
>That role is filled by genuinely unbiased product reviews and recommendations from trusted friends and families.
This is exactly what you would be left with if advertising weren't legal. And in fact, the only good justification for allowing it to be legal is this idealistic view.
But yes, I know what the status quo currently is. I'm saying that it is on shaky moral footing. That it ought not be this way, because it offers no justifiable benefit to society for it to remain as such.
>And in fact, the only good justification for allowing it to be legal is this idealistic view.
Well that, and the first amendment.
I tend to agree that advertising is a bad value proposition, for both producers and consumers, but I'm not sure how much the government can do about it without restricting speech.
I can however imagine a cultural shift, such that the majority of people so actively avoid advertising, that the market for it is vastly reduced.
I agree with you completely, but I do find the first amendment argument questionable with regards to advertising.
Can advertisers make completely false claims and still be protected by the first amendment? It's still free speech, but the speech translates to other crimes, such as (in the worst cases) fraud. Where is the line in the sand here?
EDIT: To simplify: As an individual, to what degree is my right to free speech mitigated if I use that speech to mislead others? I presume that con-artists can't use "free speech" as a defense...
Well that's kind of the problem isn't it? Sure, you can criminalise outright lying (and perhaps we could do better at that), but things get a lot murkier as soon as you go any further.
Besides, most of the manipulation of advertising isn't about explicitly misinforming people, it's about associations and familiarity. You can't ban an advert saying "Coca cola exists", but it's still going to mean people end up choosing it over potentially better options.
That's the core problem. Generally speaking, when you've got some questionable/debatable restriction like that, you want to err on the side of being permissive rather than restrictive.
But the way we do things now just happens to be the way they are done. For instance, there could be restrictions on where and when you're allowed to advertise, and how you're to present the information. I'm not saying that's the way things should be done, just that alternatives to the status quo are not necessarily infringing on your rights.
If advertising were genuinely about informing potential customers then it would be nothing but specs, prices and independent third party benchmarks. The old Computer Shopper magazine used to be similar to this. People would buy it just for the ads because they provided real value. Modern advertising has much stronger focus on psychological trickery, to the point that advertisers actually use fMRI brain scanning to optimize their ads to be as manipulative as possible. And because manipulative ads are more effective, there's a race to the bottom and minimal chance that less harmful advertising will become the norm again. The only safe option is to block all ads, or to get laws passed restricting what advertisers can do. The latter seems unlikely, so declining to request adverts (the web is a pull medium, nobody "blocks" ads) is the only way to protect yourself.
I can see why you think that, but I think you're wrong. Blocking ads just means that advertisers will have to get better at providing their audience with quality content. It's the invisible hand of the free market at work. I'm not going to block content I want to consume! Just make content I want to consume.
yes, the society we have at the moment is absurd to say the least. Because roughly 2/3 of all economic activity is consumer spending, and advertising is in some categories the single biggest driver for that spending, advertising effectiveness is intimately connected with national economy.
For example, if country A has significantly higher return on advertisement investment than country B, country A will have an advantage when the economies of those two countries are compared. I don't see anything good in the fact that it is so, but that's where we are now.
I don't spend much myself, and I'm not advocate for more spending. But the commentary is about ad blocking, and it would be foolish to discuss it without discussing the aspect of economic impact. My hope is that such commentaries stimulate the advertising industry to re-think advertising to the extent that it makes (much) more sense than it does currently.
I try to stay out of the moral discussions about "consuming" content without "paying" for it. The way I see it, ad networks will regain their rights to run code on my machine when they start taking positive steps to ensure that said code will not cause harm or copy unauthorized information off my machine.