SoylentNews is people
SoylentNews
The PDF contains the full paper (14 pages), but also includes the following abstract:
Abstract—Millions of people use adblockers to remove intrusive and malicious ads as well as protect themselves against tracking and pervasive surveillance. Online publishers consider adblockers a major threat to the ad-powered "free" Web. They have started to retaliate against adblockers by employing anti- adblockers which can detect and stop adblock users. To counter this retaliation, adblockers in turn try to detect and filter anti-adblocking scripts. This back and forth has prompted an escalating arms race between adblockers and anti-adblockers.
We want to develop a comprehensive understanding of anti- adblockers, with the ultimate aim of enabling adblockers to bypass state-of-the-art anti-adblockers. In this paper, we present a differential execution analysis to automatically detect and analyze anti-adblockers. At a high level, we collect execution traces by visiting a website with and without adblockers. Through differ- ential execution analysis, we are able to pinpoint the conditions that lead to the differences caused by anti-adblocking code. Using our system, we detect anti-adblockers on 30.5% of the Alexa top- 10K websites which is 5-52 times more than reported in prior literature. Unlike prior work which is limited to detecting visible reactions (e.g., warning messages) by anti-adblockers, our system can discover attempts to detect adblockers even when there is no visible reaction. From manually checking one third of the detected websites, we find that the websites that have no visible reactions constitute over 90% of the cases, completely dominating the ones that have visible warning messages. Finally, based on our findings, we further develop JavaScript rewriting and API hooking based solutions (the latter implemented as a Chrome extension) to help adblockers bypass state-of-the-art anti-adblockers.
The conclusion is as follows:
We presented a differential execution analysis approach to discover anti-adblockers. Our insight is that websites equipped with anti-adblockers will exhibit different execution traces when they are visited by a browser with and without an adblocker. Based on this, our system enables us to unveil many more (up to 52×) anti-adblocking websites and scripts than reported in prior literature. Moreover, since our approach en- ables us to pinpoint the exact branch statements and conditions involved in adblocker detection, we can steer execution away from the anti-adblocking code through JavaScript rewriting or hide the presence of adblockers through API hooking. Our system can bypass a vast majority of anti-adblockers without causing any site functionality breakage (except one with Javascript rewriting).
We anticipate escalation of the technological battle between adblockers and anti-adblockers — at least in the short term. From the perspective of security and privacy conscious users, it is crucial that adblockers are able to keep up with anti- adblockers. Moreover, the increasing popularity of adblocking has already led to various reform efforts within the online advertising industry to improve ads (e.g., Coalition for Better Ads [5], Acceptable Ads Committee [2]) and even alternate monetization models (e.g., Google Contributor [6], Brave Payments [4]). However, to keep up the pressure on publishers and advertisers in the long term, we believe it is crucial that adblockers keep pace with anti-adblockers in the rapidly escalating technological arms race. Our work represents an important step in this direction.
I found it an interesting read, although I accept that the whole 14 pages might be a little too heavy for some.
(Score: 2) by requerdanos on Wednesday December 27 2017, @10:45PM (8 children)
This is only a technological arms race to the extent that ads try to artificially pretend to not be ads.
Part of the actual site's content that can be considered to be of an advertising nature at some point makes this no longer a binary ([ ] is / [ ] isn't an ad) self-defining subject, and becomes an individual editorial judgment call.
Making "differentially powered" adblockers that erase anything that might benefit anyone anywhere in the sense that advertising might, is not, repeat, not a good, noble, worthy goal.
Giving people choices over what they download and view or don't download/view is a good thing. Blocking things because a new algorithm enables you to do so to is much, much less certain to be good thing.
(Score: 4, Interesting) by frojack on Wednesday December 27 2017, @11:10PM (5 children)
Oh, I don't know, it seems to me that the average user is savvy enough to know when something essential went missing.
They can switch off the adblocker and try the page again if they really want/need to.
Most of the time, when I see these pages insisting I turn off the ad blocker, and I just leave. They lost their investment in my eyes - usually AFTER they suffered the fixed cost of sending the page.
They had their way for 20 years. Its my turn now.
No, you are mistaken. I've always had this sig.
(Score: 1) by nitehawk214 on Thursday December 28 2017, @12:16AM (1 child)
Exactly, if I can't figure out which set of third party scripts to allow without allowing all scripts, I usually decide I am not terribly interested in the content on that page.
Once they start serving ads out of their content delivery networks, I am going to have some problems.
"Don't you ever miss the days when you used to be nostalgic?" -Loiosh
(Score: 3, Interesting) by Runaway1956 on Thursday December 28 2017, @01:00AM
Ditto here. I did, at times, disable adblocking and/or enable scripts to see a page. I don't do that anymore. If the page is designed to hide stuff from me, I just move on, looking for the same content elsewhere. By "same content" I don't necessarily mean the same words, written by the same author. When I am looking for ideas, those ideas are available elsewhere, unless I am researching state-of-the-art technology. Even then, that tech will be available within a few days elsewhere. This research into ad blocking, for instance, will be incorporated into add-ons, rephrased, reproduced, and republished on dozens of sites within a few weeks. Given the title alone, you can hit your favorite search engine, and find similar terms. Given the title and the summary together, it's child's play to find most information and ideas on the web. Sure, state-of-the-art stuff will be more difficult, but if you can wait days or weeks, it's still going to become available.
Note that hard core scientific research may take longer to become available, but it's going to eventually filter down through the percolator. You may have to wait five to ten years for that kind of stuff - or not.
Or, in a simpler sentence: Few people have anything truly unique to offer, so there's no point in paying them to see or hear it.
(Score: 3, Interesting) by requerdanos on Thursday December 28 2017, @12:38AM (2 children)
Oh, I don't dispute that at all; it's just that, in this arms race, I find that more and more often my various adblock technologies reach farther into automatically blocking something that is in fact something I want (or a dependency of something I want). I try turning off tracking-blocker (ghostery, privacy defense) and reload, turning off adblock and reload, ah! now the page works.
I want them to block ads, not break the page.
Sometimes this is the page's fault (refusing to work unless I run a chain of crapware script or third-party junk). I want that stuff blocked.
Sometimes this is the blocker's fault (blocking something innocuous that the page reasonably needs to work). This is what I would rather not escalate just because it can.
(Score: 2) by urza9814 on Thursday December 28 2017, @02:43PM (1 child)
Nuke it from orbit. It's the only way to be sure. ;)
Seriously though, ad blocking through browser plugins is a pretty poor solution IMO. I'm not blocking ads because I don't like looking at them; I'm blocking ads because they are a *threat* to my privacy and security. Now, if Google is actively trying to attack my system, why would I still want to use their services? I don't. I want nothing to do with them. Which is why my ad blocking goes so far that I can't even ping google.com, even if I type in the IP address directly. I've got a fairly extensive blocklist...
But I don't miss much. Sometimes I do a search on DDG and a couple results won't load, but that's fine -- I get an instant 404 and I go back and try another. As Runaway has posted above, there's pretty good odds that you'll be able to find the same content elsewhere. And if you fully block everything sketchy instead of trying to half-ass it, whatever is going to fail will fail immediately and you can move on knowing you aren't supporting that garbage.
Occasionally I do need to punch a hole in the thing, but after the first couple weeks it mostly stopped being for websites. Sometimes I'll go to install some software from the repos and get stuck because the project is hosted on friggin' AWS; other times I'll get stuck trying to update a Steam game because I never bothered to put their content servers in the whitelist (because I build the list by domain name, and I don't have domain names for those)...but it's pretty rare that I need to whitelist a web server.
Block as much you reasonably can at the highest level possible. Nothing of value will be lost.
(Score: 0) by Anonymous Coward on Thursday December 28 2017, @08:18PM
Problem is, your average user doesn't have a local copy of dnsmasq on his network giving out 127.0.0.X numbers for f.tons of dubious domains, nor are they forcing all their http traffic through a filtering proxy, again with a set of f.tons of dubious domains and a lot of dubious URLs blocked, oh, and doesn't have an automated update of the hosts file on all local machines where all these shyster hucksters are listed as well...and then they've got to get by Ublock Origin, HTTP Switchboard and some other friends running on the browsers.
What *we* get up to, they (advertisers) don't care that much about, what they do care about is *Joe Public* getting his sweaty little hands on adblockers and then getting used to an ad free web, even the idiots running my local newspaper's website now have a badly obfuscated 'blob-in-a-single-line' of anti-adblocker javascript on their pages which 'beautifies' into 10,900 lines of really funky code (for the record, there's about 4000 other lines of javascript on their frontpage, mostly to do with tracking and ad lobbing BS) , so, instead of their usual 'riveting' local news stories, I now get a couple of ghostery blocked brightcove video links when I visit their site.
Meh, nothing of value was lost.
(Score: 0) by Anonymous Coward on Thursday December 28 2017, @10:35AM (1 child)
"Making "differentially powered" adblockers that erase anything that might benefit anyone anywhere in the sense that advertising might, is not, repeat, not a good, noble, worthy goal."
Advertising is entirely geared towards deception and pretty pics. As such it has nearly no benefits whilst making unhappy psychotic people.
Of course that is a noble cause!
(Score: 2) by FatPhil on Thursday December 28 2017, @01:37PM
That's going to far; much advertising is, but not all. It's all entirely geared towards persuasion, but not all of the persuasion involves falsity, which I assert is necessary for it to be called deception.
My company copy-edits adverts sometimes, and one of our value-adds (ugh, sorry, but it's a phrase that's way shorter than the less marketroidy alternatives) is to warn clients if they think that their adverts might violate laws regarding claims that might appear to be curative/health/physical-wellbeing related claims (e.g. cosmetics giving you younger skin, spa hotels' services making you healthier, etc.) which would be illegal, and suggesting weasel wording that should keep them legal.
Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves