SoylentNews is people
SoylentNews
The PDF contains the full paper (14 pages), but also includes the following abstract:
Abstract—Millions of people use adblockers to remove intrusive and malicious ads as well as protect themselves against tracking and pervasive surveillance. Online publishers consider adblockers a major threat to the ad-powered "free" Web. They have started to retaliate against adblockers by employing anti- adblockers which can detect and stop adblock users. To counter this retaliation, adblockers in turn try to detect and filter anti-adblocking scripts. This back and forth has prompted an escalating arms race between adblockers and anti-adblockers.
We want to develop a comprehensive understanding of anti- adblockers, with the ultimate aim of enabling adblockers to bypass state-of-the-art anti-adblockers. In this paper, we present a differential execution analysis to automatically detect and analyze anti-adblockers. At a high level, we collect execution traces by visiting a website with and without adblockers. Through differ- ential execution analysis, we are able to pinpoint the conditions that lead to the differences caused by anti-adblocking code. Using our system, we detect anti-adblockers on 30.5% of the Alexa top- 10K websites which is 5-52 times more than reported in prior literature. Unlike prior work which is limited to detecting visible reactions (e.g., warning messages) by anti-adblockers, our system can discover attempts to detect adblockers even when there is no visible reaction. From manually checking one third of the detected websites, we find that the websites that have no visible reactions constitute over 90% of the cases, completely dominating the ones that have visible warning messages. Finally, based on our findings, we further develop JavaScript rewriting and API hooking based solutions (the latter implemented as a Chrome extension) to help adblockers bypass state-of-the-art anti-adblockers.
The conclusion is as follows:
We presented a differential execution analysis approach to discover anti-adblockers. Our insight is that websites equipped with anti-adblockers will exhibit different execution traces when they are visited by a browser with and without an adblocker. Based on this, our system enables us to unveil many more (up to 52×) anti-adblocking websites and scripts than reported in prior literature. Moreover, since our approach en- ables us to pinpoint the exact branch statements and conditions involved in adblocker detection, we can steer execution away from the anti-adblocking code through JavaScript rewriting or hide the presence of adblockers through API hooking. Our system can bypass a vast majority of anti-adblockers without causing any site functionality breakage (except one with Javascript rewriting).
We anticipate escalation of the technological battle between adblockers and anti-adblockers — at least in the short term. From the perspective of security and privacy conscious users, it is crucial that adblockers are able to keep up with anti- adblockers. Moreover, the increasing popularity of adblocking has already led to various reform efforts within the online advertising industry to improve ads (e.g., Coalition for Better Ads [5], Acceptable Ads Committee [2]) and even alternate monetization models (e.g., Google Contributor [6], Brave Payments [4]). However, to keep up the pressure on publishers and advertisers in the long term, we believe it is crucial that adblockers keep pace with anti-adblockers in the rapidly escalating technological arms race. Our work represents an important step in this direction.
I found it an interesting read, although I accept that the whole 14 pages might be a little too heavy for some.
(Score: 2, Insightful) by Anonymous Coward on Wednesday December 27 2017, @10:41PM (11 children)
Why don't they just serve ads from their own servers? Ad co's can give them kits to automate the process of refreshing and serving the ads.
(Score: 5, Insightful) by requerdanos on Wednesday December 27 2017, @10:53PM (2 children)
A problem with this is that it prevents centralized advertising with reliable, honest, verifiable reporting--because ads served from each site's own servers can't be verified reliably.
Yes, individual sites handling their own advertising would be a good thing, but at some level of "smallness" of site (random blogger with a wordpress install, for example), it makes sense for someone who is "good at ads" to handle the ads for them. Unfortunately this often means putting the ads in an iframe loaded from that good-at-ads actor, whose ads are then promptly adblocked whether likely to be malicious/annoying/offtopic or not.
Even if the individual sites install a kit and serve the ads locally, good-at-ads.com probably has no reliable way to verify the stats that individual site is reporting, and therefore can't be trusted by the advertisers. Logs look the same whether authentic, or typed by hand, or computer generated. It's like asking gamers to keep track of their own stats in an online multiplayer game.
(Score: 2) by frojack on Wednesday December 27 2017, @11:00PM
Adblockers are getting fancy enough to detect these as well.
How? Well the advert generally is there to draw customers to another site, and these links are easy to spot in the html regardless of where it is hosted.
No, you are mistaken. I've always had this sig.
(Score: 4, Touché) by sjames on Thursday December 28 2017, @03:37AM
The problem is that good-at-ads also likes to bag and tag people like wild bears and often isn't all that good at not serving up malware that joins your computer to a botnet. Since those things keep happening, good-at-ads has poisoned the well and salted the earth. So they'll just have to take what they can get.
The thing is, I'm running Privacy Badger, not an ad-blocker and I still get their whiny tear stained missives about not blocking ads. Only they ring REALLY hollow since I would see their ads just fine if they weren't up to no good already.
(Score: 3, Interesting) by rigrig on Wednesday December 27 2017, @11:05PM (1 child)
Because serving ads isn't as simple (anymore) as simply including a banner from your sponsor.
The ad network holds an auction with whatever it knows about the visitor, and the timing for auctioning off peoples personal data and showing the winning ad within a few hundred milliseconds is actually quite tight.
If you throw in whatever dinky server is showing the content as a proxy for your ad network, that really cuts into your response time. Especially when people are viewing content on the other side of the world but live next door to one of your shiny advertisement CDN servers.
No one remembers the singer.
(Score: 2) by frojack on Wednesday December 27 2017, @11:21PM
Ah, the old days of paying for "impressions". How quaint.
But they are starting to come back because adblockers are so very effective, and (as yet) most
don't bother discriminating where the destination link goes as long as the source link is on the current server.
No, you are mistaken. I've always had this sig.
(Score: 5, Funny) by Anonymous Coward on Wednesday December 27 2017, @11:12PM (2 children)
Because that's not at all compatible with how internet advertising auctions and targeting work.
Imagine a human centipede of marketing companies 100 deep all shitting in each others mouths until finally shitting all over your browser. It's insanely obfuscated by design, because if anyone ever truly understood how these automated systems worked, the buyers would know it's pure fraud which would immediately explode covering them all neck deep in shit.
https://martechtoday.com/infographic-marketing-technology-landscape-113956 [martechtoday.com]
See, obfuscated by design.
(Score: 2) by Geezer on Thursday December 28 2017, @12:18AM (1 child)
You win the internet today.
(Score: 2) by inertnet on Thursday December 28 2017, @01:37AM
Believe it or not, the idea is not original. There are a couple of movies even: Human Centipede [wikipedia.org]
(Score: 2) by FatPhil on Thursday December 28 2017, @01:11AM (2 children)
Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
(Score: 0) by Anonymous Coward on Thursday December 28 2017, @04:49AM (1 child)
I dunno, it seems HIGHLY unlikely that OP was using that as material reference. Highly. Like no way in hell they would be referencing it. At all.
(Score: 2) by FatPhil on Thursday December 28 2017, @01:08PM
OP says ~ "why don't they host the stuff they have very little interest in the content of?"
I reply ~ "they don't even host the stuff they have lots of interest in the content of?"
Why would they do the former if they don't even do the latter?
Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves