Just to re-iterate the article, NoScript runs ads on their website to generate some revenue. Adblock Plus normally blocks these ads, but NoScript whitelists itself (along with a few other partner developer websites) in Adblock Plus "without" end-user permission, and without making a genuine effort to notify users it's doing this. It hacks Adblock Plus from working on its sites, basically.
You can disable NoScript's "modification" to Adblock Plus by doing the following in Firefox:
1) Tools -> Add-ons -> Adblock Plus -> Preferences
2) Collapse the "Filter subscription: EasyList (USA)" list.
3) Uncheck "Enabled" for the "Filter subscription: NoScript Developer Support Filterset" list.
Now when NoScript installs an update, and loads its webpage full of ads, Adblock Plus won't be blocked from doing its duty. Unless of course NoScript re-enables the filter...
There's a very good reason to run NoScript: most web developers still don't understand CSRF, and hence many web applications are vulnerable to CSRF attacks. Running NoScript prevents untrusted sites from exploiting CSRF holes in sites that you care about.
That said I don't personally run NoScript (I use Safari), but I totally understand people who do.
Very revealing. I stopped using NoScript a while ago since it would not properly whitelist some sites. At the time I was wondering why the plugin was updated so frequently with very similar change logs each time. This post explains why.
Interfering with other extensions' internal state is simply unacceptable. Firefox should consider sandboxing the browser extensions. Maybe they'll get to that after they implement Chrome style robust per tab sandboxing.
The plugin is updated frequently also because doing so lands itself in the Most Popular Add-ons chart. Giorgio has a history of pushing the limit to see what he can get away before backtracking when someone calls him out on it.
No it isn't! I'm allowed to ffwd past comercials using my VHS and to cut out ads on my newspaper. Ads are a soft form of brainwashing, making watching them compulsive sounds too much like "brave new world" to me.
Every input we receive to our brains could be said to be a soft form of brainwashing.
Good advertising serves a use for consumers. Without it, you wouldn't be aware of what you can buy/do etc. If you want to opt out of that, fine. Personally, I find it invaluable to be aware of what is going on.
No, a constructive argument showcasing pro's and cons and highlighting merits of competing products serves a use for consumers.
And while that also has a soft brainwashing effect, it actually adds some information that allows you to make a conscious decission. An ad is just the brainwashing.
Perhaps if you're particularly susceptible to brainwashing, then advertising could be a bad thing. But I think you have to give people a bit more credit than that. It's about giving potential consumers information so they can make informed choices.
Word of mouth is still the best form of advertising though - agreed. That's not to say other forms of advertising aren't effective, or useful for the consumer.
For example, I know what movies are out mainly through billboards. It's useful to me. If one looks interesting, I might look it up on the net and see if I want to go see it. I'm not being 'soft brainwashed', I'm being informed of a new movie I might want to go see.
It's about giving potential consumers information so they can make informed choices.
For a long time now advertisement has been about manipulating people's emotions so that they seek fulfillment in the product being advertised. When was the last time you saw an Apple ad where the purpose was listing the specs so the consumer can make an informed choice?
"Interfering with other websites revenue models is also simply unacceptable by using adblock."
Why? I am simply requesting their content, and they are willingly sending it to me. I then process it on client side to my satisfaction, which happens to involve filtering out any ads.
If they don't like that, tough luck, stop sending it to me then.
>> "If they don't like that, tough luck, stop sending it to me then."
It's certainly an option. It's easy enough to detect adblock, and send the user to a "Since you're not prepared to give us the benefit of the doubt that we'll show you a few useful unobtrusive adverts, please donate something or get lost" page, or otherwise degrade their experience.
For example, if the user has disabled javascript, sites should degrade gracefully. Likewise, if the user has disabled common forms of advertising, it'd be good for the website to disable any features that cost them a lot of money to run. Say it's a photo sharing site, give adblock users lower limits or something.
Adblock usage is a very small minority though, so unless you're a massive site (And want the very vocal minority to moan about how they should be free to leech all the content they want without giving anything back), probably not worth it.
Using adblock actually makes things worse for everyone. If you don't use adblock, and a site abuses your trust by doing popup ads, garish flash ads, then don't go there again. Stick by those principles. If everyone did that, then websites with intrusive stupid adverts would die off. By using adblock, you're rewarding those practices, but since you're never going to click on anything, the webmasters will likely make their ads more intrusive and garish to try and increase their CPM.
The problem with your argument is huge. It requires you to basically have a whitelisted internet experience. Since most of the browsing we do is to new sites and new content, Adblockplus and Noscript have value in letting you evaluate the site first, then do whatever you want with it after.
It's a safety buffer and a very, very important one.
Unless you donate to the site/project or enable ads after that you are leeching content.
The responsibility for that goes both ways. If you depend on ad revenue for your entire revenue stream your business model is flawed. Let users do things like purchase the model outright to avoid annoyances or to donate. It's unfair to assume that a product won't be supported.
"Using adblock actually makes things worse for everyone."
Well the thing is, no it doesn't. It makes things a lot better for me, because I don't have to look at ads.
But the funny thing is, I do look at ads, and quite a bit. Any site serving its own ads is not blocked. For example, I just went to railscasts.com and I saw a lot of ads - tasteful, non-animated, and I don't mind at all. What I cannot stand are animated or ugly ads, so I block them. So I had a problem, it's now solved, end of story.
"Stick by those principles."
But it's not my duty or interest to spend a lot of time like this, to "vote" for some sites and boycott others, to teach them a lesson. They have to figure it out. If they do, bring their ads in-house, and make them tasteful and relevant, then I wouldn't take any further action. But "fighting the power" like you propose? It's just not my battle.
"since you're never going to click on anything, the webmasters will likely make their ads more intrusive"
They can do what they want; I'm never going to see them.
I'd be all for that. I don't mind paying for an increased user experience if I actually need it. This would kinda let the user opt out of the ad-based revenue model.
Unfortunately some people will try to hack it, tragedy of the commons and all that.
Sure, it may turn into an arms race, although one of the other points of adblock is also that it doesn't download the advert - so it's extremely easy to detect an adblock user.
I think if adblock usage increases (I don't think it will), we'd move to a 2 tier internet - a degraded slimmed down internet for adblock users, and the full internet for everyone else. Which I think would be fair and just.
This will not work. A good adblocker will load the ads, but it will not display them. This is basically what my recognition center did before I switched to adblock (and had an improved internet experience due to (massively) reduced load times and no annoying, blinking things). The important thing about the last sentence: You cannot assume I actually react to something in the ad, and the ads are loaded, thus, there is no way for the server to recognize a good adblocker.
How is that? It's my browser running on my computer. Shouldn't I have final say over what I do and don't see?
Nobody has a right to show me advertising, just as I don't have a right to read someone's content. If publishers have a problem with it they need to find a way to not display content to clients who are blocking ads.
But this isn't what we're talking about. We're talking about NoScript using my computer to interfere with other plugins. The behavior is unexpected and unwanted.
If the behavior is "ok" then the NoScript people shouldn't have any problem owning up to it, even broadcasting it to all their users. But I think we all know how that would play out.
It would be no different than if when you installed Firefox on your computer it made Safari break, or included some obscure option deep in its configuration menu like "[x] Break Safari."
> How is that? It's my browser running on my computer. Shouldn't I have final say over what I do and don't see?
You're free not to use a site. But if you are viewing a site, why would you even expect to use it without also helping to provide for its upkeep?
> Nobody has a right to show me advertising, just as I don't have a right to read someone's content. If publishers have a problem with it they need to find a way to not display content to clients who are blocking ads.
Attempts which would be blocked by ABP's author. That would be an arms race. Maybe we should start fighting it, though. It would be much harder to maintain that they're not trying to screw over site owners with the extension.
When someone pays to advertise they know it is a "leaky" mechanism. It is understood (or should be) that not every person in the world will see that ad. It is also understood that not every person that sees the ad will buy the products advertised. That's the nature of advertising.
Why do they still advertise? Because of the people that do see the ad, some do buy the product.
It doesn't surprise me the extent some people go to to generate revenue in what I must think is a small market.
I am an adblock plus user and I must say it enhances my browsing a noticeable amount that when I am using a different browser or no adblock I notice and although this is not ideal for websites that make money off of ads I really dislike them.
Same can't be said for noscript I've stopped installing it on firefoxs I use and don't think I have it installed on any of my computers it just stopped being functional for me with firebug and adblock.
> It doesn't surprise me the extent some people go to to generate revenue in what I must think is a small market.
I agree there, but (and I'm in the minority here) it actually surprises me the extent the developers went to block ads in such a small corner situation.
NoScript's behavior started out shady, but it feels like Adblock developers escalated it into some sort of weird war. A war against ads that appear only rarely and that only a small number of people probably noticed? Was that really necessary?
It seems like you'd just uninstall NoScript if it was a major problem seeing their update pages. I mean, someone specifically installed NoScript and it could be serving ads from their local machine if it wanted, right? Do I really expect AdBlock to try to protect me from other extensions to such a level?
I don't use either extension, but it bothers me that extension developers are turning this into a one-up-man-ship for something so minor in the scheme of things.
Not hyperbole-- it's very much in our interest for these guys to sort this out publicly before escalation. It's irresponsible to cause a technical fight on your users machines. Essentially what I said here: http://news.ycombinator.com/item?id=590263
I don't think they did overreact. Noscripts function is to block scripts, Adblocks function is to block ads. They found a popular plugin that attacks their functionality and they took steps to combat it. I'm glad they did so.
The major point behind all of this is that extensions should be an island. You shouldn't be messing with the work of anyone else, especially for the reasons they had here.
Yeah, they overreacted. NoScript shouldn't have started out that way. AdBlock Plus shouldn't have forced the issue by making it even more of an "island" war. They should have started with this kind of blog in the first place before escalating on the technical side.
Note that NoScript could easily change their scheme to move further into their island where AdBlock Plus would be forced to invade fully-- it's in no one's interest to escalate before diplomacy has been worked through.
The last thing we need is the light-smattering of gray Firefox addons (who are at worst showing some adsense ads) to be forced to push things deeper into darker areas.
Imagine if this was Symantec and Trend? Microsoft or Apple? Do you really want them to be fighting technically on your machine? In principle, it's just fundamentally bad for us to encourage that kind of behavior. They should use diplomacy, and shine lights in the dark areas before escalating technically.
Yes, NoScript reacted to the escalation fiendishly. I just don't think it was responsible on AdBlock Plus's side to escalate technically on such a minor issue when diplomacy/communication is so much better for everyone.
AdBlock Plus shouldn't have forced the issue by making it even more of an "island" war. They should have started with this kind of blog in the first place before escalating on the technical side.
Okay, so, you do realize that Adblock faces spammers that are constantly trying to tweak the system to get through blockers like Adblock, right? It's a constant fight. How is what Noscript is doing any other than other spammers?
Adblock is simply treating them as any other ad company that's trying to sneak ads in. Given that that is the reason people install Adblock, that's a perfectly appropriate response.
The NoScript developers not only overreacted, they also acted incredibly against the wishes of the users installing both programs.
> How is what Noscript is doing any other than other spammers?
The whole reason we're even talking about this is because the situation is different than a normal spammer. NoScript is an extension and thus is doing things spammers can't do, and all on the end user's machines.
That's why it makes me sad that Adblock didn't play this more responsibly from the outset. I'm even more sad that everyone else is content in believing that Adblock was doing the right thing by escalating. What they did was less bad than NoScript, but it's still wild west gunslinging without exhausting more civilized options.
We need discussion/diplomacy between developers before people start fighting/warring using their customers' resources.
You should try flashblock, if you don't already know about it. Instead of loading flash you get a play button where the flash would have been and you can choose to turn it on if you want. It also supports whitelists, although annoyingly enough on the host of the flash, not on the website displaying the flash.
I dislike opaque executable blobs delivered inside HTML, proprietary plugins to deal with them, and browser extensions to deal with the problems ... feels like piling bricks on moving sand - tiresome, ineffective, unsafe.
NoScript's behavior isn't the display of ads though, so AdBlock is _not_ directly messing with NoScript.
It could be that the users installed AdBlock to block the NoScript ads. In this case, NoScript is giving the finger to the users opinion.
At some point when the default behavior of two programs with similar feature-sets overlaps you just have to leave resolving them as an exercise for the user.
But targeting the other program in such a way is no different than someone installing two A/V softwares. Sure they may conflict in some areas, but if one of them silently disables or cripples the other on purpose... who is in the wrong?
One of the big points in that article mirrors your example. The correct response is to allow the user to decide.
"But targeting the other program in such a way is no different than someone installing two A/V softwares. Sure they may conflict in some areas"
"This software program conflicts with this software program. You can choose to run them both and accept the problems that occur accordingly or you can choose to cancel this installation or remove program X"
Do you want to cancel, remove program X, or cancel the installation?
Give users the option to opt-into using your software, don't force users to get into a proxy battle by automatically opting into things.
"But targeting the other program in such a way is no different than someone installing two A/V softwares. Sure they may conflict in some areas..."
No. Hell no. Antivirus programs conflict for a good technical reason. NoScript and AdBlock conflict because the author of one dislikes the effects of the other program; were it not for that, the two extensions would be completely compatible with one another. Equating these two things with each other completely misses the point.
I'm giving an example of a way to approach this problem. Installing Noscript could add a rule to an Adblock whitelist. What Noscript is doing by trying to sneak it in is wrong. If they wanted to overwrite a rule, let the user do it. As that article points out, and as Mozilla points out, making that the non-default option is very important.
Part of NoScripts behaviour is the display of it's ads.
That's what it does - it displays ads as part of its website on the extension update page. So those ads are part of the extensions behavior.
Obviously some users supported the NoScript author through the ads or donations. So by blocking those - and blocking the update alltogether - AdBlock was disrespecting what some of the NoScript users wanted.
My point still holds that both were not doing the best in the interest of their users, mozilla, or even themselves.
You can disable NoScript's "modification" to Adblock Plus by doing the following in Firefox:
1) Tools -> Add-ons -> Adblock Plus -> Preferences
2) Collapse the "Filter subscription: EasyList (USA)" list.
3) Uncheck "Enabled" for the "Filter subscription: NoScript Developer Support Filterset" list.
Now when NoScript installs an update, and loads its webpage full of ads, Adblock Plus won't be blocked from doing its duty. Unless of course NoScript re-enables the filter...