SoylentNews is people
SoylentNews
from the only-show-me-what-I-wanna-see dept.
[Ed Note: This reads a little like a Soylvertisement, but the concept that the blog is talking about regarding using WebSocket to send the advertising (and the tool he uses to see the traffic) is interesting. The "How It Works" section of the blog article (not posted here) is worth a read.]
Pornhub Bypasses Ad Blockers With WebSockets
TLDR: Watch the BugReplay Recording of Pornhub dodging AdBlock
(NSFW level: medium)
We tried to find the most PG page on MindGeek's network to use as an example- it wasn't easy.
When I was building the prototype for BugReplay, I was evaluating different methods of capturing and analyzing network traffic from Chrome. One of the first things I saw that looked promising was the chrome.webRequest API.
From the docs: "Use the chrome.webRequest API to observe and analyze traffic and to intercept, block, or modify requests in-flight."
That seemed to be exactly what I needed.
After experimenting with the Chrome webRequest API, I quickly realized there was a big problem. It didn't allow me to analyze any WebSocket traffic, something I really wanted to support.
As I was searching the web trying to see if I was misreading the documentation or was looking in the wrong spot, I found a relevant bug report from 2012: "chrome.webRequest.onBeforeRequest doesn't intercept WebSocket requests." In the bug report, users were complaining that without the ability to block WebSockets, websites could get around ad blockers fairly easily. If WebSocket data was not visible to Chrome extensions via the webRequest API, they could not be blocked without some heavy duty hacks.
Initially, the risks to ad blockers seemed theoretical; the examples of sites that were employing this technique were very obscure. Then in August 2016, an employee of the company that owns Pornhub.com (MindGeek) started arguing against adding the WebSocket blocking capabilities to the Chrome API. Pornhub is the 63rd most visited site on the Internet according to Alexa. I checked out a few of MindGeek's sites and sure enough, I could see ads coming through even though I had Adblock Plus on. The ads on Pornhub are marked 'By Traffic Junky,' which is an ad network owned by MindGeek.
In the screenshot below, you can see a banner at the top of the page announcing that the site is aware that the user is using an Ad Blocker, with an invitation to subscribe to a premium ads free version of the site. On the right side of the page you can see an advertisement.
http://blog.bugreplay.com/post/152579164219/pornhubdodgesadblockersusingwebsockets
-- submitted from IRC
(Score: 1) by idetuxs on Sunday November 06 2016, @10:12PM
Anyone know a way to disable this for firefox? even a trustworthy add-on?
(Score: 1, Informative) by Anonymous Coward on Sunday November 06 2016, @10:32PM
You'll need to dive in to Mozilla's about:config knowledge base [mozillazine.org]; CTRL-F is your friend. One other very strong suggestion: KEEP NOTES on your configuration changes! You'll want to be able to re-create the good changes and also unwind any changes which didn't produce the desired effect - about:config is often unintuitive.
You may also consider making the switch away from Firefox and to Pale Moon [palemoon.org], a Firefox-derived browser that tends towards *gasp* user-friendliness in terms of modification and configuration. You know, just like Firefox used to be, before idjits took over who decided that they not only knew best, but that it was best to shove everything new down users' throats whether they liked it or not.
One big secret to overcoming the pain of switching browsers is some basic knowledge of Fiefox add-on files: the *.xpi files are actually compressed files (.zip or .7z, I forget which), and the "install.rdf" file is plain text which contains Minversion and Maxversion lines which in many cases can be changed with a text editor to cover Pale Moon's version (e.g. Firefox Minversion 40 changed to 25 to allow Pale Moon to install it): extract install.rdf, edit and save, delete install.rdf from the compressed file, then add the modified install.rdf file back to the *.xpi archive. Drag *.xpi file into Pale Moon window and drop it to install.
(Score: 1) by dbitter1 on Monday November 07 2016, @02:34AM
Have you figured out how to get video working (the Win version is fine, I mean the Linux version)? MP4 video support makes my eyes bleed. Sites like Imgur I have found the most reliable thing is to get a user-agent switcher, then when I find a video it doesn't play, switch to another agent and reload... and poof... it plays... till the next one and I have to use ANOTHER agent instead...
(And yes, I know they are jihading against DRM, and I have no problem with that.)
Otherwise, Palemoon FTW on all accounts.
(Score: 0) by Anonymous Coward on Monday November 07 2016, @05:53PM
Apologies, I'm still mired in Windows in regards to my non-server machine(s). Depending on what the trouble is with videos and imgur, you could try toggling both "media.autoplay.enabled" AND "media.autoplay.allowscripted" to 'false'. Youtube tries to self-autoplay html5-based video using scripts (which Firefox does/did allow for some insane reason); perhaps a similar sort of thing is behind the problem with imgur?