SoylentNews is people
SoylentNews
from the only-show-me-what-I-wanna-see dept.
[Ed Note: This reads a little like a Soylvertisement, but the concept that the blog is talking about regarding using WebSocket to send the advertising (and the tool he uses to see the traffic) is interesting. The "How It Works" section of the blog article (not posted here) is worth a read.]
Pornhub Bypasses Ad Blockers With WebSockets
TLDR: Watch the BugReplay Recording of Pornhub dodging AdBlock
(NSFW level: medium)
We tried to find the most PG page on MindGeek's network to use as an example- it wasn't easy.
When I was building the prototype for BugReplay, I was evaluating different methods of capturing and analyzing network traffic from Chrome. One of the first things I saw that looked promising was the chrome.webRequest API.
From the docs: "Use the chrome.webRequest API to observe and analyze traffic and to intercept, block, or modify requests in-flight."
That seemed to be exactly what I needed.
After experimenting with the Chrome webRequest API, I quickly realized there was a big problem. It didn't allow me to analyze any WebSocket traffic, something I really wanted to support.
As I was searching the web trying to see if I was misreading the documentation or was looking in the wrong spot, I found a relevant bug report from 2012: "chrome.webRequest.onBeforeRequest doesn't intercept WebSocket requests." In the bug report, users were complaining that without the ability to block WebSockets, websites could get around ad blockers fairly easily. If WebSocket data was not visible to Chrome extensions via the webRequest API, they could not be blocked without some heavy duty hacks.
Initially, the risks to ad blockers seemed theoretical; the examples of sites that were employing this technique were very obscure. Then in August 2016, an employee of the company that owns Pornhub.com (MindGeek) started arguing against adding the WebSocket blocking capabilities to the Chrome API. Pornhub is the 63rd most visited site on the Internet according to Alexa. I checked out a few of MindGeek's sites and sure enough, I could see ads coming through even though I had Adblock Plus on. The ads on Pornhub are marked 'By Traffic Junky,' which is an ad network owned by MindGeek.
In the screenshot below, you can see a banner at the top of the page announcing that the site is aware that the user is using an Ad Blocker, with an invitation to subscribe to a premium ads free version of the site. On the right side of the page you can see an advertisement.
http://blog.bugreplay.com/post/152579164219/pornhubdodgesadblockersusingwebsockets
-- submitted from IRC
(Score: 0) by Anonymous Coward on Monday November 07 2016, @01:18AM
I'll never understand why more people don't just kill ads at the hosts file and be done with it.
http://winhelp2002.mvps.org/hosts.htm [mvps.org]
(Score: 0) by Anonymous Coward on Monday November 07 2016, @01:36AM
I'll never understand why more people don't kill ads at their home DNS server and be done with it and block the IPs at the router in case a site has no resolution. Gosh this makes me feel like the model that said "dont hate me because I am beautiful". yeah we hated her because she was an aggrogant jerk. Now we all can see how me and the OP are too.
I do understand why people would use these browser adblocking and javascript blocking things; sometimes, you need access to the host because blocking the domain makes things go poof and not work.
That said, I have too many devices to bother updating hostfiles and adblockers and javascript whitelisting and stuff on. The DNS and router combo is a quick and easy way to get the most offensive (google-analytics for example, which I've had to lift only on rare occasions--by pointing that device to some other DNS service). DNS and access-list blocking is a useful way to block many ads on things I havent needed or wanted to root, which usually falls under the "less than $50" device category, VMs, and other stuff that might not really provide easy access to a host file.
(Score: 1) by Arik on Tuesday November 08 2016, @01:04AM
If laughter is the best medicine, who are the best doctors?
(Score: 0) by Anonymous Coward on Monday November 07 2016, @04:16AM
Best hosts file creator APK Hosts File Engine 9.0++ SR-4 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1 [google.com]
Ads rob speed, security (malvertising) & privacy (tracking).
Hosts add speed (hardcodes/adblocks), security (bad sites/poisoned dns), reliability (dns down), & anonymity (dns requestlogs/trackers) natively.
Works vs. caps & PUSH ads.
Avg. page = big as Doom http://www.theregister.co.uk/2016/04/22/web_page_now_big_as_doom/ [theregister.co.uk] & ads = 40% of it.
Hosts != ClarityRay blockable (vs. souled-out to admen inferior wasteful redundant slow usermode addons)
Less power/cpu/ram + IO use vs. DNS/routers/addons/antivirus (slows you) + less security issues/complexity.
Compliments firewalls (blocking less used IP addys vs. hosts blocking more used domains) & DNS (lightens dns load).
Gets data via 10 security sites.
APK
P.S. - Safe https://www.virustotal.com/en/file/e01211ca36aa02e923f20adee0a3c4f5d5187dc65bdf1c997b3da3c2b0745425/analysis/1433430542/ [virustotal.com] (Verified by Malwarebytes' S. Burn "seen the code & it's safe" http://forum.hosts-file.net/viewtopic.php?f=5&t=4290 [hosts-file.net] )