Researchers claim to have permanently neutralized ad-blocking's most promising weapons

Originally published at: https://boingboing.net/2018/11/09/advantage-attacker.html

…

So go with the tried and true as blocking model using blacklists of known ad providers versus fancy ML?

Considering that easylist continues to eliminate nearly all ads for me with no muss or fuss, I really don’t see any evidence that the supposed escalating arms race between ad blockers and malware vectors advertisers is actually happening.

Or if it is happening, the advertisers are bringing their very best stone knives and the ad blockers are bringing sniper rifles.

I wouldn’t even bother with an ad-blocker if web ads were more like ads in printed media: static, inline images and text, preferably from the same source as the article content.

I only really want to block ads that:

• play video
• automatically play video
• automatically play video unmuted
• expand as I scroll
• move around as I scroll
• cover what I’m trying to read
• open new tabs
• mimic system dialog boxes
• insert cookies to track what other sites I visit
• bloat the page I’m looking at and slow down its loading
• expose my machine to malware
• utterly dominate the content.

But that covers 90%+ of all web ads, so block blockity block I go.

This is a pretty good list of the things I object to as well. I understand ads are necessary to generate revenue and support that model. However, when the ads autoplay videos, or block my reading the content I came for, you can be sure I’ll pretty soon abandon the site as a place to get my news and information from. Forbes went down in flames on my list in the last year for their incredibly obtrusive ads and videos.

Content wins, website designers. Obnoxious ads just turn us away.

At the risk of pumping favourite ad blockers rather than contributing to the actual debate implied by TFA:

I’m using the blocklist-based Pi-hole, which is cutting as much as 75% of all requests from the machines in our 3-person household (one of us is 18 years old though, mind you).

What’s amazing is that our access to web content is almost unaffected. It’s pretty mind-blowing how much junk is going over the wire on the average web session which can just be dropped without any impact on your browsing. And it has the nice side effect of things speeding up quite a bit too (particularly on mobile devices).

BoingBoing gets ads just about perfect: confined to separate promotional posts, clearly marked as such, which you have to make the effort to visit to see in full, and which you can leave sarky comments against if you feel like.

(I used to feel slightly guilty about doing that, until I realised that even if you read an advert just to leave sarcastic comments, you have at least read the advert, which isn’t true of the vast majority of ads.)

You forgot ads that creepily follow you around the internet, or ads that insist on showing you stuff you shopped for last week.
And of course, ads that track you and siphon off all the private info they can about you so as to make even more utterly asinine guesses as to what you might want to buy.

Wait wait wait… there are ads on the internet?

I intended to cover those under:

ETA: but I think you’re right to call them out explicitly, especially as, IIRC, they have non-cookie means of perpetrating this nefariousness.

I’m probably displaying my own ignorance just by asking this question, but will Pi-Hole work with the IPhone?

The Pi-hole software runs on a separate machine on your network (often that’s a Rasberry Pi but it doesn’t have to be). It monitors all requests that your phone, computer or anything else is making, and blocks bad stuff like ads for them. So your iPhone doesn’t need to run anything special.

Sigh. Time for a new law. Something along the lines of:

“All digital advertising must be identified as such by human readable visual mark and machine readable metadata. Each violation shall pay a fine of no less than $100 per authorized ad transmission to be paid each by the media source owner AND the ad server. Instances of unauthorized ad substitution shall pay a fine of no less than $10,000 per transmission to be paid by the entity performing the substitution. Attempted deception of human or machine readable requirements shall treble fines.”

(@llamaspit)

It only works on your own wifi network. You will still need standalone adblocking add ons or apps for when you go on the internet away from home.

If you surf the web with safari, I use 1blocker and it works quite well. If you need ads blocked in other apps, I have used and am pleased with weblock, which blocks ads in all apps on the device (it uses Proxy Auto Configuration, which appears to be a newfangled and IOS permitted way of blacklisting sites in your .hosts file).

eta: weblock has an android version. I suspect 1blocker does as well at this point.

Boing boing also serves up the standard clickbait “sponsored links” and other garbage, if you ever make the mistake of visiting the site without an adblocker enabled.

Internet advertising makes the old Safestyle UK “Buy One Get One Free” ads seem almost bearable in comparison.

No youtube video, because those ads were so annoying no one wants to torment the rest of the world with them.

Did not know that. Shows how used I’ve got to having an adblocker running.

I think researchers are looking into a future when site serve their own ads (or, more likely, 3rd party ads are integrated in the application layer of desirable content), and network-request based blocks aren’t viable.

I think perception-based blockers with large numbers of humans generating an evolving training set (e.g. correcting their blockers as they browse) are probably still a viable way forward.

I use Feedly to read or review the websites I like. That gets rid of most of the ads. If I go to your site to read the article and it’s a mess of ads, I’ll probably unsubscribe your site.

Ads that utilize 90% of motherboard and memory are exactly the reason adblockers are essential. I use a ten year old machine for accessing the Internet and ads play hell with performance. Until chipmakers beat the most recent chip-based security problems, any new computing device will be offline only.

Yes, blogs need revenue. Most blog owners, though, have been suspiciously silent on performance issues that affect their readers.