Are ad blockers doomed or have we already won? A history lesson
adguard.comI posted this deep in a thread but feel like it should be a higher level comment so here we go.
Websites can be so ridiculously short sighted and just want to squeeze out every penny they can not thinking of the users they end up losing in the process. And they do lose users And fast. Personal experience time!
I ran a pretty popular wiki for Dungeons and Dragons homebrew on what used to be called Wikia. At some point they decided they available needed to have some terrible new skin that was stuffed with ads and unbelievable ugly. We pushed back but they were adamant about forcing it, so I took all the content and all the users and self hosted it for almost a decade afterward. The Wikia site was completely dead. Sucks for them but their choice.
I paid $10/mo or $20/mo for the site depending on the year, and never ran ads. At one point I got an offer from a company in the same hobbyist space to buy it from me. At that point I was extremely sick of being my own sysadmin and worrying about security vulns so I accepted it. Now some time later they're trying to pull the "stuff it full of ads in the worst places!" routine. Users are getting pissed and starting to ask me about taking all the content...and users...and going off to a server adminned by me again.
If I do this, it will be completely devastating for the site and tank their traffic. Do they care or realize? Guess we'll see.
All of this could be avoided if they just made the ads less shitty. Not showing up in the middle of navigation bars. Not being bigger than the surrounding content, so it completely stretches it and ruin's the site layout. Not having a completely clashing background color to the site. All extremely simple stuff.
I occasionally go The Guardian's web site, and they displayed a nag say I should not be blocking their way of making money out of a non-subscriber. I thought "fair enough" and disabled my ad blocker. About 2 minutes later, which is what it took for their web site to load with the ad blocker off, I turned it back on again.
In the end solved my attack of the guilts by becoming a subscriber. However, I had no sympathy for them no getting money form ads. That was totally self inflicted. The ad blocker, the thing they were blaming, wasn't the problem. Without the ad blocker I would not be visiting their site at all.
When I see a site that attempts to stalk me (even if my countermeasures manage to block it) the last thing I would do is to hand them my personal and billing details on a platter, give them money, and act as a "manual" tracking cookie by logging into my account every time I visit the website (to bypass the paywall).
At least beforehand the best they could do is to get pseudonymous network & browser data (if they managed to get past my countermeasures like uBlock and nasty IP ranges blocked at the network level), where as once I pay they now have confirmed billing details they can do whatever they want with. If they don't respect my privacy before I pay then I have no reason to trust they'll suddenly respect it after I pay. Most likely they'll just attempt to have their cake and eat it, aka take my money and still stalk me.
Yeah, the load times without uMatrix and uBlock Origin are abysmal for A LOT of sites.
This reminds me of A/B testing that likely was the method Google unwittingly used to obfuscate sponsored results in Search. The A/B test KPI they were measuring clearly was creating more click through to sponsored properties and it eroded trust and utility in exchange. I am sure they increased their short term Ad Words profits.
I keep saying: A/B testing is how Satan influences this world. They make it all too easy to turn your product development into optimizing bad metrics, and they give ammunition for justifying self-destructive decisions (it must be good, the data says so).
> it must be good, the data says so
Slightly unrelated, but I heard a good quote the other day: "If you torture the data long enough, it will confess."
With the advent of AutoML tools, it doesn't even take that long anymore.
Nice, I'm stealing it! Thanks!
What are you thanking him for? It was your idea.
Wait. I mean, it was my idea. Why aren't you thanking me? Donate to my Patreon please.
It's just A/B testing happens to align well with being an employee, not caring about the company, the future of the company, only caring to impress your boss short term and then getting promoted or leaving for another company. It's like a perfect selfish short term instrument for that, it doesn't burden you with mid and long term consequences.
But it's actually pretty hard to find something where A/B testing would be appropriate, outside of measuring effectiveness of ads of course, since they are naturally short term and consequence-free.
Here is the source: https://searchengineland.com/search-ad-labeling-history-goog...
What do you suppose the lifecycle is of something like this?
Does the new owner, under their own power, set about adding ads to their site? Do they install a 3rd party ad tool that does the dirty business? Or does some smooth talker show up and tell them they'll take care of everything for a modest cut of the profits and that person makes a hash of everything?
Because it really does feel to me like there's a certain detachment from the userbase. If the owners are the actors instead of just complicit, maybe they're 'doing us a favor' by showing us how they really feel.
Uh... if you sold it, did you retain the rights to the content in the sale? If not, I'd say your users are going to have to suck it up.
I didn't sell the content, I sold the site.
The content was all licensed to the wiki under CC-BY-SA. So even if I could have legally sold the content, which I couldn't have because I didn't own it, I and my users could fork it however we want.
Nearly all wikis have content licensed under some form of creative commons. e.g. Gamepedia used CC BY-SA for older wikis and CC BY-NC-SA for new ones.
I feel that we've done ourselves a disservice by referring to them as ad blockers rather than content blockers or, better yet, virus blockers. With malicious ads being the primary vector for compromising a person's computer, calling these tools virus blockers would not only be more accurate, but it would make it harder for sites to counter their use from a public relations point of view.
Could you imagine visiting a web site only to have it tell you to disable your virus blocker to view the web page? Yet, web sites make the same requests of your "ad blocker" even though the end result is the same. They want you to disable your security protections and risk infection to view a web page.[1]
Sadly, I believe we've already lost this battle and are worse off for it.
1. https://www.networkworld.com/article/3021113/forbes-malware-...
Ads in general should be considered malware. They have adware and spyware components and both types of software used to be detected and removed by anti-malware software. Apparently a few lines in the terms of service nobody reads is all it takes to legitimize this abusive software. Because users have "agreed" to be subjected to malware, their use of content blockers somehow becomes immoral.
> With malicious ads being the primary vector for compromising a person's computer, calling these tools virus blockers would not only be more accurate, but it would make it harder for sites to counter their use from a public relations point of view.
I don't understand this. How are malicious ads the primary way to compromise a computer?
It depends on the ad. In the before time, long ago, ads were a simple static image or body of text. And in that case, while not impossible, it's rather hard to compromise a computer with a static image or block of text. You'd have to have a fairly specific image crafted to adversarially target a specific bug in the rendering of images to get code execution, and thus compromise a computer.
It is no longer the before time.
In the now time, ads frequently contain not just text or images, but javascript as well. And already having code execution by virtue of javacript, it is a lot easier to escalate the privileges of that code execution from the limited environment of the browser to installing code on the computer running that browser. Want to deploy your bot? Buy an ad that includes your malicious javascript payload. Now, anyone who goes to a site and views your ad will execute your javascript for free in addition to your offer to sign them up for credit score monitoring.
Are there any ad networks that allow random advertisers to include custom JavaScript in ads?
It just seems like a huge security hole and is not in the interest of ad networks for multiple reasons.
They might have JS in ads, but isn't that from the ad network's infrastructure.
Every single ad seller's been caught by companies selling these dangerous ads. Google, yahoo, etc. They usually catch it within 3-5 days. That's too long.
In short, yes. Advertisements are a huge way to get malware onto people’s computers. This just one random article from a google search for “malware advertising” but there are tons and it still happens today.
https://arstechnica.com/information-technology/2016/03/big-n...
What is in the interest of the ad networks is income and plausible deniability.
“Sorry we didn’t realise that there was malicious content in that ad, we’ll do better in the future, and we’ll also work on taking less than four days to remove malicious content.”
In the meantime the reason ads are being bought is the ability to deploy customer enrichment experiences (the new name for malware) which will help customers better discover your product (by redirecting their browser, or rewriting links).
Are there ad networks that don't?
I have seen ads trigger site redirects, app download redirect to app stores etc. and even initiate apk(Android app package) file downloads automatically.
That metric may mean in an indirect sense as well as a direct one - i.e. ads are the most common first step in a pathway that begins with getting a user to take some action that eventually leads them toward doing something that ends in compromise, even if it's several (mis)steps later.
Even if you have a zero-day exploit for a browser, you still need to get that exploit to your victims. Ads are the easiest way to get custom media and javascript into as many browsers as possible. Ptherwise, you need to tempt users to your malicous site or find an exploit in a widely used site to get your payload to users (since most sites do not allow users to post arbitrary HTML, CSS or javascript).
Ad networks are supposed to vet ads to make sure they are safe, but they're bad at it and the system is not set up to make it easy (ads are dynamically generated by whoever's buying them as the page loads).
Because most ads are served by a handful of ad networks (Google Ads, etc) you have a single entity through which you can get your malicious ad spread across a wide range of websites, increasing its yield. Without the ad networks you'd have to negotiate with every single site one by one to get your ad displayed, and some sites might do more due diligence and refuse to serve your ad because of its maliciousness.
I think it's better to just be open about it. I don't like ads so I block them with an ad-blocker. There's nothing wrong with that. I don't have a moral obligation to waste my time watching things that don't interest me or being manipulated in a way that is detrimental to my psychological and material well-being.
"malware blockers"
Many ads are not computer viruses, but almost all of them are malicious.
When I'm feeling tetchy I call them malware blockers. RATs, browser toolbars, adware, etc. might not technically be viruses, but they sure as heck are being used as malware.
> "risk infection"
this is how I feel about all advertisements
And rightfully so, because their whole point is to compromise your mental faculties. They're a memetic hazard.
Yes, I call them HTML firewalls.
Or just a way of maintaining the integrity of your own internet experience.
Great article! It's funny to finally see ad blockers go "mainstream".
My dystopian-future fear is that that Web Assembly will be the end of ad blocking (and the end of a web of connected web sites). Big sites will eventually convert to essentially "a web browser inside a web browser" so they have total control over the content and how it's displayed.
Then ad blocking (and other customization) will be limited to "the analog hole" - trying to image detect or OCR things.
I hope I'm wrong, but I've also been asked countless times over the years to "stop people copy/pasting our text" and "stop people seeing our code" and "stop people downloading our images"... the browser-in-a-browser feels inevitable!
> Big sites will eventually convert to essentially "a web browser inside a web browser" so they have total control over the content and how it's displayed.
This has already happened: Just look at how many websites pester you to download their mobile app or even block content unless you access from the app. From a user functionality perspective the vast majority of apps do nothing a browser can't do. But the killer feature for apps is how much easier it is for the developer to get your location data, contact list, and importantly show you unskippable, auto-playing, 90s-era-popup-level-annoying ads
You use a firewall on the device to block requests to the ad server. Most apps will keep working fine. Then all it takes is an OS that lets you revoke permissions on sensitive data without the app knowing.
Ad networks can easily work around this, either by requiring publishers to proxy their requests or by having lots of domain names and proxies, which can be dirt cheap. You can't block requests as fast as ad networks can add domains and ips.
Sometimes I wonder what keeps ad networks from becoming more aggressive. Wonder what keeps them from breaking the content and force users to disable ad blocking. Because I know it can be done.
It's probably because publishers don't want to piss users off. Or maybe it's because on mobile most clicks come from Facebook or Twitter or other apps using web views that don't do ad blocking.
Google hosts YouTube and the ads for YouTube on the same domain with obfuscated paths, so that won't work. About all you can do if you want to use the app is pay for premium or use something like Vanced which unlocks the premium features without paying.
The main reason content blocking works is because anyone can introspect webpages and the source is available for modification. When things become byte-compiled it gets exponentially harder, if not impossible.
Works less well on mobile, which is what most people use these days.
Many websites indeed pester us to download their mobile app but I have yet to find one that forces me to? Do they actually exist?
Reddit forces you to download the app now. You can scroll like 2-4 pages worth of content and then it'll pop up asking you to open in app.
On every page you navigate to from within the website you'll first get a pop up asking to choose between browser and reddit app.
I'm using old.reddit.com and wasn't aware they started doing this. Reddit is turning into a dumpster fire, it's bad enough I have to use the old UI so that it doesn't burn a hole in the cpu.
Forget the CPU usage, I only use the old UI because it's better/ I find it more usable.
Or maybe I'm just getting old :D
It's both.
The new UI is terrible and barely useable. But Gen-Z is used to barely useable UX. (looking at you, Snapchat)
I wont disagree there, it's not useable. I wonder what possessed them into believing any of this was a good idea.
The new UI increases the similarity between posts and ads, making you more likely to mistakingly click on an ad.
the new UI is so uncomfortable to use, I don't like how bloated websites are becoming, but usually I can cope with it. Reddit's is just bad. It's buggy, it's inconsistent, and its resource-intensive.
> I'm using old.reddit.com
Heyo that's awesome! I feel ten years younger.
It's worth noting that Reddit has a vibrant community of excellent third party apps, none of which display Reddit ads.
Which means Reddit is almost certainly going to break all of them, eventually.
> On every page you navigate to from within the website you'll first get a pop up asking to choose between browser and reddit app.
There's a user setting for this, somewhere. I found it once. It's default on but once you un-check it you no longer see the app nags. It's great. And terrible they hid it like that.
--edit-- Or there was, damned if I can find it now.
Reddit outside of old.reddit.com is a dumpster fire. I specially dislike those JS loading icons on mobile, it's just so slow...
You can turn off the prompting for the app in the top-right menu. You don't even need to log in for that.
If I’m ever on YouTube or Reddit I always set request desktop site to always in Safari on iOS.
Yelp! Try clicking "read more" on any review in a mobile browser and see what happens.
You can get around that by selecting "View desktop site" on your mobile browser.
So don't use yelp
This would be a more attractive option if it didn't amount to 'cede yet another part of the Internet to Google'.
Reminds me of when Microsoft took over. Many of their competitors destroyed themselves in the 80s and 90s.
In my final year of university during the late 90s, we'd have different companies come in to do presentations on what they do and why we should work for them. Microsoft did a two hour presentation on how great of a place Microsoft is to work at. About a month later Sun came in and did a two hour presentation on how much Microsoft sucks and how stupid you'd have to be to go work there. We learned almost nothing about Sun from their presentation. After that I really started noticing just how much Sun allowed their business decisions to be guided by antagonizing Microsoft rather than providing products and services to their customers. I wasn't surprised at all by their eventual failure.
Instagram. Can't read messages unless you use the app.
Snapchat is of course app only.
That was true for a while but they added this feature some time ago.
I tried to use imgur on mobile to upload a random image today but couldn't[FireFox]
Using FF on my desktop worked fine.
That is the ultimate end of every free image hosting service.
Being able to work on Firefox but not their own app?
I think they're referring to the Imgur mobile website, which no longer allows uploads, requiring you to download the Imgur app.
Quora
> Just look at how many websites pester you to download their mobile app or even block content unless you access from the app.
Users should respond by creating an open source replacement for the official app. Surely there's a way to fool the server into thinking it's talking to the official app.
The problem here is that these companies can abuse the DMCA to get the app outlawed and pulled from the major app stores. In fact, Apple already doesn't allow you to publish any app that interacts with any reasonably big third-party service or device without the explicit approval of the service (that's how alternative YouTube clients disappeared on iOS), even for devices such as smart light bulbs that are explicitly designed to be controlled via the local network without any authentication: https://community.lifx.com/t/app-store-rejection-permission-...
Apple devices aren't free computer systems. Apple owns the devices, not the users. They gave up their freedom when they bought a computer that doesn't give them the keys to the system. They have little choice other than to accept whatever conditions the big corporations impose on them.
Thankfully, iOS does not represent all systems out there. Android systems allow installation of apps from any source and PCs traditionally have no limitations on which programs can be executed by the user. Better alternatives to these abusive "official" apps should be a selling point for these free systems. A perfect example of adversarial interoperability:
https://www.eff.org/deeplinks/2019/06/adversarial-interopera...
Crypto is too good, unless you have a jail broken phone
Sustaining your point: https://www.linkedin.com/pulse/think-twice-when-installing-m...
Android + Magisk + AdAway
I use BlockAda, It functions like a VPN which can be annoying if you use a VPN a lot but otherwise it is a simple on off switch for people who aren't very savvy with their phones.
It's Blokada. It's Polish for "blockade".
Or use Firefox Preview and uBlock Origin.
Yeah but that doesn’t block in-app ads
Honest question, but which apps are both required (don't work in-browser) and don't serve ads from their own network (Youtube, Facebook)?
Add DNS66 from the fdroid store and you are set
I mean, won't there always be alternatives to this bullshit?
Don't paint webassembly as something terrible. Webassembly does not add anything substantial to what's already in web. You could compile C code to JavaScript before. Webassembly does not provide new API unavailable from JavaScript. Webassembly is just an optimization. Some code will work faster and consume less memory, that's all. You could write website which paints itself on canvas with JavaScript years ago. The fact that nobody goes this route means that there are inherent problems with this approach. For example that website will be completely inaccessible for Google.
The threat of WebAssembly is that it may encourage more sites to require users to allow client-side code execution to work. For those of us who aren't trusting enough to allow this, it means that the web gets smaller even faster than it already is.
It seems like if you replace WebAssembly with JavaScript in this comment it makes just as much sense. What is different about WebAssembly?
WebAssembly expands on the ability to do client-side stuff and makes it more accessible, so my fear is that it will make it more common.
That's pretty much the entire difference. It's a difference of degree more than of kind. As I said, Javascript is making much of the web inaccessible to me, and WebAssembly, if it becomes popular, will only accelerate this loss.
I wonder how feasible a rendering proxy would be. It would run the JS in a simulated browser environment and return the HTML.
Interactivity would be tricky, but static HTML is better than a blank page.
Edit: Found something very similar, but it targets legacy browsers using clickable image maps rather than privacy/security.
WebAssembly adds new functionality to the browser runtime environment that isn't available to regular JavaScript. It was originally 1:1 with asm.js/JS but that stopped being true relatively quick.
It's faster. That's literally it. There aren't any new I/O facilities.
A few examples of things it adds that are not widely available in JS (if at all, or requiring awkward hacks/hints in JS), off the top of my head:
int64
uint32
popcnt
copysign
reinterpret_cast equivalent (the js hack for this is abysmal)
pthreads
SIMD
AOT compilation
To be fair, it's been a while since I was last one of the authors of the webassembly spec, so I could be missing some things.
Could ads be served with web assembly?
Yes, though I don't know if it makes sense to do it for any reason other than hiding from ad blockers.
Well, for some it is the only reason needed...
WebAssembly allows allocation of memory and exposes a huge threat surface. We can't even protect the current APIs and these are being exploited by sovereign nations to oppress people like the Uyghurs. How about we focus on making the sandboxes stronger instead of building out things like WebGL and WebAssembly.
A lot of the future of ad blocking will depend upon why people are blocking ads. Some of us have nothing againsts ads in principle, but do not like the practices of the advertising industry. This includes things like tracking people across websites, intrusive advertising, excessive bandwidth usage, deceptive advertising, and so on. Blocking the "analog hole" would be irrelevant in most of those cases.
If ads were expensive to buy we'd see a lot fewer of them and would not need to be intrusive, they'd be be just as useful as intended, to inform people. The problem with the modern economy is that everything that works is eventually pushed over the fence and it stops working. The boom busting cycle keeps on repeating
They'd probably still engage in spying, though, which is 95% of what makes ads objectionable to me.
My problem with ads on mobile are that they are very obtrusive.
I second this. I also hate how links behave nowadays. I used to right click and open in a new tab or save the link but in many cases it no longer works and is quite annoying.
If ads were more expensive to purchase we'd see a lot fewer of them and they would not be as intrusive. But this ain't so and we need adblockers.
They (the advertising industry) come back with a stronger system that is harder to ad block and we retaliate with something else. What baffles me is that they don't see that we are resisting, they produce something that nobody really wants. The whole advertising industry is something questionable.
It's probably a prisoners dilemma for those in the industry as an individual. Because everything operates on the short term, there is no moderator of long term goals. If something gives you 5% better hits today, you have to do it, no matter if it's going to kill you two weeks from now. Or your competitors will and you'll see a drop in sales.
Web Assembly will be the end of the HTML/HTTP based web: QUIC, direct JS based render in browser, no more view source.
HTTP/HTML will become the next gopher, and this makes me incredibly sad
Don't forget DNS-over-HTTPS w/ certificate pinning to prevent DNS-based request filtering, too.
This is why we cannot allow Chrome to gain dominance over the web. We all know Google would love to do this.
Why WebAssembly? Just bake ad code into a SPA and that's it. Random elements with random names at random positions in the DOM, positioned using styles. Quite low-tech. If implemented properly, it cannot be blocked. At all. Except blocking all scripts of course, which means the SPA will stop working.
And then I'll just stop visiting. (:
Nobody wants to host ad content / pay for the bandwidth themselves though. I think URL blacklisting will continue to work.
> Nobody wants to host ad content / pay for the bandwidth themselves though.
Actually the issue is that the companies paying you to run the ads don't want you to host it yourself.
* They're paying for impressions, and they don't trust you to report those honestly.
* Real time bidding means the ad to be displayed often hasn't been determined until a few milliseconds before the page loads in your browser.
* They can't (as easily and reliably) collect demographic and behavioral data (ie spy on you) if you don't contact their servers directly.
True! More (and more important) reasons why URL blacklisting will continue to work in the WASMy browser-in-browser age.
No, they just want to squeeze out every penny they can not thinking of the users they end up losing in the process. Personal experience time!
I ran a pretty popular wiki for Dungeons and Dragons homebrew on what used to be called Wikia. At some point they decided they available needed to have some terrible new skin that was stuffed with ads and unbelievable ugly. We pushed back but they were adamant about forcing it, so I took all the content and all the users and self hosted it for almost a decade afterward. The Wikia site was completely dead. Sucks for them but their choice.
I paid $10/mo or $10/mo for the site depending on the year, and never ran ads. At one point I got an offer from a company in the same hobbyist space to buy it from me. At that point I was extremely sick of being my own sysadmin and worrying about security vulns so I accepted it. Now some time later they're trying to pull the "stuff it full of ads in the worst places!" routine. Users are getting pissed and starting to ask me about taking all the content...and users...and going off to a server adminned by me again.
If I do this, it will be completely devastating for the site and tank their traffic. Do they care or realize? Guess we'll see.
>> My dystopian-future fear is that that Web Assembly will be the end of ad blocking
The answer to that is to disable Web Assembly, much like a lot of people disable JS. The whole idea of running other peoples code on your machine is the problem, and it baffles me that browser companies are still trying to enable more and more of this. I don't want your code running on my computer.
That's great, until all the major corporate sites you actually use stop serving any content in HTML.
This future seems inevitable. The only sites you'll be able to actually use without some custom web assembly renderer will be those which don't serve ads at all now - wikis, open source projects, non profits, corporate web sites, etc. Any site funded by ad revenue will effectively remove itself from the web and into its own web assembly app instead.
We might even see the rebirth of something like AOL, a meta app that will be a portal to render content for others who want to use the platform. It might even just be an upcoming version of amp, or a new feature offered by Facebook or cloudflare...
It's funny because all the major corporate sites could already have stopped serving HTML and just gone completely with Flash, Silverlight or Java, and yet the doomsday scenario never happened. Hell, Android apps are basically the closed "meta apps" you're talking about, and have been around for years, and yet corporate, ad-driven sites still use HTML.
I don't see why Webassembly should the inevitable slippery slope to the entire web becoming some kind of closed source binary-only dystopia, other than it being loosely associated with Javascript, which half of HN hates and fears to a degree bordering on mania. The FUD really needs to end already.
>and just gone completely with Flash, Silverlight or Java
Not sure what you mean by that. There were plenty of sites not usable at times because of their use of java or flash.
The thesis is that the existence of Webassembly, alone, means that all ad-supported sites will inevitably be rewritten entirely as WASM blobs in order to prevent the use of ad blockers. The typical doomsday scenario also includes the conversion of rest of the web to WASM, with support for HTML being entirely deprecated in all browsers, so that corporate interests can lock down, centralize and control the web entirely.
I'm claiming that thesis is incorrect because prior methods existed and still exist to encode websites as embedded binary applications, yet ad-driven sites still primarily use HTML, and the HTML driven web still exists.
How usable sites using java and flash were isn't relevant. Either all ad-driven sites seek to maximize their control over the end user by any available means at all cost, or they don't. As they evidently don't, the slippery slope of WASM leading to the end of the free web seems unlikely.
> The thesis is that the existence of Webassembly, alone, means that all ad-supported sites will inevitably be rewritten entirely as WASM blobs in order to prevent the use of ad blockers. The typical doomsday scenario also includes the conversion of rest of the web to WASM, with support for HTML being entirely deprecated in all browsers, so that corporate interests can lock down, centralize and control the web entirely.
The thesis is that WASM will be the form of HTML's destruction, not that it is the only tool capable of it.
A confluence of trend lines lead it to be "in the right place at the right time." We've already come to accept that much of the web requires javascript, if it works in Google Chrome then that's fine, and video content requires DRM blobs.
The public is ready for this, and ad-supported content providers are floundering even though the fed keeps printing money.
With how much money is spent on bogus technical solutions in the ad space with marginal or no recognizable benefit, the time is right for innovation, and WASM is arriving just in time. Just like with AMP, I'm sure WASM-AMP will be sold for its amazing performance characteristics, because the modern web is so full of trash how could it not be at least better than the status quo?
WASM isn't some uniquely horrific development, it's just the next evolution in the downward trajectory.
> Big sites will eventually convert to essentially "a web browser inside a web browser" so they have total control over the content and how it's displayed.
For the time being, you can thank the threat of an accessibility lawsuit for slowing this future down. Building a custom renderer might not be as challenging as supporting the myriad accessibility needs of disable users.
Yes, but doing so, they will lose the ability to be indexed, searched, archived and linked to. Like during the flash era.
Which in turn will start a new trend of website that are "open".
It's a cycle.
> they will lose the ability to be indexed, searched, archived and linked to
Sounds like an API that will be implemented.
If it's not standard, it will be useless. If it is, the browser will eventually put it in the users hand.
Crawler bots are already doing site rendering and OCR. This isn't that big of a step for them.
TIL. Wow. I guess I missed the web is not HTML anymore.
Plenty of sites already give Google something different from what they show everyone else, right?
No, that's actually a great way to make Google penalize your site. It's explicitly against their Webmaster Guidelines: https://support.google.com/webmasters/answer/66355
Tell that to linkedin, pinterest, and dozens of news sites.
Linkedin used to trick people into thinking you have to pay to see someones profile when you can see it just fine by logging out. That is not against Googles policy. Not sure if they still do that, but I used the logout trick a lot a few years ago.
Google does document a way to mark paywalled content and have it indexed without it being considered cloaking: https://developers.google.com/search/docs/data-types/paywall...
Big properties do that and Google doesn't care.
You sure about that? How big qualifies as big in your eyes? Medium implemented homepage cloaking in November of 2019 and within a month they lost 40% of their overall search visibility:
Pinterest? Google is somehow able to crawl images on their site, but I certainly can't view these images without creating an account and logging in. Their site ranks highly enough that I gave up on google image search last year.
Additionally, off the top of my head Bloomberg and NYT both won't allow me to view more than a few articles but let the Google crawler index their articles.
Yes Pinterest is awful. Certain categories of images are totally borked on Google and other search engines because of them.
I thought that was an offense that would get one either severely de-ranked or delisted from search outright?
What do paywalled sites do, then? They don't seem to have a problem ranking just fine.
They show the abstract or the same bit of the headline and maybe a paragraph you see when hitting the page. Googlebot doesn't get the full text.
I've definitely seen article text on Google that was not presented to me when I clicked the link, and not because the article was updated or something, but because I was blocked from seeing the article.
It could be in a hidden element or something.. I find that pages that do this fall in the face of things like safari reader mode.
Many "paywalled" sites lose their paywall if you disable JS.
Actually, Web Components and Shadow DOM bother me more than Web Assembly. You cannot "pierce" into a shadow DOM from the outside and this creates an impenetrable barrier for content blockers. We've already seen examples of whole web pages transformed into a shadow-dom web component.
The more of pages introducing the solution you describe the more chance ad blockers / browsers will pick up the new challenge ;)
Firefox has openOrClosedShadowRoot available to extensions that allows them to bypass closed shadow dom.
> You cannot "pierce" into a shadow DOM from the outside
Why not? You can inject any script into a meta header on document start from an extension or do the same in an intercepting proxy.
Shadow DOM is created dynamically using "attachShadow". You can try overriding Element.prototype.attachShadow, but this is easy to detect.
Well, currently adblocking is already full of such easy to detect overrides, and extension APIs already have plenty of limitations on what they can touch and replace allowing websites to easily bypass most of the overrides, but they do work at the moment and websites don't bother.
I think ads will be the reason Web Assembly takes off in a massive way, actually. Much harder to block ads if the site ships its own renderer and manages to hide or obscure its traffic. Then you're in to serious application-cracking territory if you want to block ads & tracking.
Web Assembly is just a runtime, like obfuscated JS it is sandboxed and still needs to access some standard APIs to at least conform to CORS. I don't see a problem to let plugins/browsers control `window.fetch` or whatever connection method the WASM code is going to use.
Not going to work against a CDN delivering all content through a websocket.
IMO Cloudflare's a huge threat to Google for exactly this reason.
I have disabled wasm in firefox and I don't intend to enable it ever. If someone wants to force "activex" on me again to use a site I won't use the site :)
It's absolutely going to happen. WASM isn't required for this future-- it just helps optimize it. There is a ton of money out there for the company who makes a performant and compatible browser-in-a-browser w/ proper accessibility. Somebody will eventually take the "deal with the devil" to develop it.
An obligatory link to an important talk: https://www.destroyallsoftware.com/talks/the-birth-and-death...
The problem with this sort of browser-within-a-browser black-hole, is that it will break screen readers and accessibility.
The way to fight this is to work together with accessibility advocacy agencies, like the ADA.
It doesn't bother me if ad-blocking moves towards OCR and computer vision. These things need to be created anyways because as blockers don't always filter everything I want anyways.
Personally, I would prefer to browse the web in reader mode. While we're at it we could do the have the same for PDFs.
I'd like to see (and might even work on), and overlay filter to plug that analog hole. This would probably be entirely outside of the web browser (perhaps as a custom VNC client) and would simply grey out ads and other obnoxious content. It wouldn't stop any downloading, but it might be smart enough to X out of those stupid pop-up ads automatically.
Easier said than done, of course.
For the record, I've no problem with "fair" advertising, the kind that used to appear in newspapers and magazines in the 1970s, for example. (Well, aside from its use as a virus vector.) But modern day web ads are simply abusive in too many cases.
That seems far more likely to me than I would like to admit. I can even see a rational that doesn't start that way, but with a homegrown solution in Webassembly it would be fast enough that you could write your own font and text layout algorithms that are better than what the browser does -- so your newspaper could do a proper justified text with great kerned headlines that would also look the same way in all browsers.
Then, naturally, there is no dev time set aside for copy and paste, because there is no business justification.
Those Web Assembly sites will still have memory accessible by the end user, ads will still be blocked.
They would need to server side render pages like a streaming game client would.
What about a dystopian future where sites only work via SGX-like secure compute environments that remotely attest the execution environment to the server?
That's effectively a future without the web at all.
How would the blocker know which parts of the memory to block?
The same way trainers, aimbots, and other hacks know which addresses are critical for exploiting game mechanics, by doing analysis of decompiled code and also searching running memory for known patterns and then patching them hot.
Don't websites compile on every page load, giving them the opportunity to obfuscate?
That's a bit different than a video game that was compiled only once.
The good outcome would be that after analog hole is plugged on the web, we can start plugging it IRL (if AR gear and/or spray paint drones mature by the time). Imagine physical space with no ads!
So, bring it on?
> Big sites will eventually convert to essentially "a web browser inside a web browser" so they have total control over the content and how it's displayed
Google's AMP technology aims to do this, although they will claim to have more altruistic motivations
Site needs to be compatible with screen readers otherwise you risk a lawsuit over ADA.
It's always a game of cat-and-mouse. No new technology will enable displaying ads that the ad-blocking crowd can't get ahold of eventually.
Perhaps some more web features should become opt-in via nagbars (e.g. canvas and wasm)
> Then ad blocking (and other customization) will be limited to "the analog hole" - trying to image detect or OCR things.
That doesn't seem too hard to pull off. You're not trying to find objects in an image, you're trying to find near-exact matches in a digitally rendered page.
People will just stop visiting such webpages where it's impossible to separate the chaff from the wheat, simple as that.
people already don't do this
for example: people who don't have adblockers (like everyone in my family except me)
1 out of 3 WWW users has an adblocker.
I won't visit websites with [a lot of] ads if my adblocker stops working. I'll simply stop using these websites. Just like before Netflix, I quit watching cable TV.
Thinking about it, I might as well go to Tor. Surely someone will copy/paste the plaintext content to some hidden service over there, just so the rest of us don't have to bother with ads. I might even be one of the contributors. If there is demand, there will be supply. And nobody is going to bother to "catch these copyright infringers" because nobody gets hurt, in contrast to someone selling illegal firearms or dangerous drugs.
I think I can only half-agree.
People who don't have adblockers are willing to put up with a heck of a lot. Agreed.
But if someone is not technically sophisticated enough to use an adblocker, they're also probably not technically sophisticated enough to find the actual content on a page and just give up.
I see this fairly frequently; someone with limited computer literacy goes to a website from Google, doesn't see anything relevant immediately (because of bad UI or really bad ads), and goes back to Google. Often the site even had relevant content when I look later, they just couldn't see it because they aren't as good at parsing website content.
There are so many websites with equivalent information, if you click on one and it's just garbage at first glance I think hitting "back" is more likely than "read and click on every ad and give them your SSN before downloading their virus scanning software".
Of course, but if they are not bothered by those ads that's fine too IMHO. And if the majority is fine with this (which I doubt, otherwise ad-blockers wouldn't be so massively successful), than I have to accept that too and go somewhere else.
> people already don't do this
Maybe not most, for now. But there certainly exist people who do this. I do, for one.
From the article:
> The very beginning of ad blocking is the 90s, just when the ads appeared. In 1993, GNN, the very first web advertising service, was launched. Then in 1994, the first-ever banner was sold. In the blink of an eye, the online ad industry was worth billions of dollars. Double Click emerged, Yahoo started to sell ads. And that's when the very first ad blocker was created.
GNN (Global Network Navigator) was not an advertising service. It was the first commercial online magazine. O’Reilly & Associates, the publisher of GNN, wanted to see if a website like GNN could be supported through commercial sponsorship. GNN’s ads were informational — much more like whitepapers than a display ads. (Wired’s HotWired site, which launched at almost exactly the same time as GNN in the fall of 1993, invented the banner ad, which of course is what most adblocking tech has targeted. Cookies for tracking didn’t come along until later.)
Source: I worked on GNN as technical director, and in fact my first job there, in the summer of 1993 about a month before we launched, was to assemble the first ‘ad’ — a set of articles about intellectual property law, sponsored by the now-defunct Bay area law firm Heller Ehrman.
I don't know if you spotted it, but they added your comment to the footnotes at the bottom of the page now.
> GNN (Global Network Navigator) was not an advertising service. It was the first commercial online magazine.
Isn't that the same thing? With a couple of exceptions, magazines are advertising services first and foremost, in as much as the overwhelming majority of their revenue comes from ads.
I don’t want to argue about magazines (or newspapers) in general, since it seems you have quite a cynical view there. I’d advise that you research common standards of journalism, including the concept of the editorial/advertising wall.
But I’ll tell you that the the existence of GNN itself, in 1993, was certainly not for the purpose of serving ads. Heck, as I explained, online advertising didn’t even exist at that time (besides a few misguided attempts on Usenet), so there was only conjecture that it might work at all, and lots of room to experiment.
Also, there was really no other economic revenue model accessible to us, other than sponsored content, as there were no online payment systems on the WWW of that era. Heck, there weren’t really any active websites at all — almost all sites (including GNN) were what we’d today call static sites. (As I mentioned, cookies came later, so there was also zero targeting of ads besides basic demographics of Internet users at the time.)
> I don’t want to argue about magazines (or newspapers) in general, since it seems you have quite a cynical view there. I’d advise that you research common standards of journalism, including the concept of the editorial/advertising wall.
My cynicism comes not from being ignorant of traditional newspapers but from having been very close to them. My experience is that people (in any industry really) may be decent, noble, and above any such influence on any conscious level, and yet they will nevertheless show an almost magical tendency to act in alignment with their economic interests, even when they seem to have reached their position on wholly unrelated grounds.
So a survey article about adblocking without mentioning the main ad blocker in the world (and their competitor), ublock origin. Well played! As for the history lesson, the main meta lesson is that adblockers need to be completely detached from any monetory incentives. No company, however noble, should be trusted at all. Only open source + community ad blockers have survived and flourished. Time and again, people have tried to make a quick buck by becoming the middlemen in the adblocking industry by promoting their flavour of ads, whitelisting ads, or just hijacking ads.
Sorry for that, we don't mind mentioning anyone, it's just there was no historical event that we could tie to uBO. I'll ask the author to add a footnote about uBO and others we missed to mention, we love them all.
upd: done
I haven't read the article, and I'm not what you'd call well-versed in the history of ad blocking.
But even I know that uBlock was bought out and introduced 'acceptable ads', and that uBlock Origin became the community fork which maintains the spirit of the original uBlock.
That deserves more than a footnote, imho.
Acceptable ads was introduced by adblock plus, and it remains their primary revenue source.
uBlock is the original version of uBlock origin. Both were started by gorhill4 (sp?). Gorhill got sick of the constant support burden of people coming into his repo and reporting unblocked ads, which he then had to redirect to the filter list repos.
He handed the entire project off to some teenager with little programming experience. Said teenager did little but make a new website and request donations, core work basically halted.
Afterwards, gorhill got sick of seeing his old project be abandoned and get a bad reputation, and forked it as uBlock origin.
Thus, uBlock origin is not a community fork.
Acceptable ads deserves being there, you are right.
This was the first attempt at finding a compromise with advertisers, hated by a huge part of users and advertisers at the same time. But it was launched by Adblock Plus in 2011, long before uBlock was developed.
If I can't block the ads on a page I'm simply not going to visit it ever again. I've never seen a website that was actually necessary for me to visit that had ads or couldn't be blocked.
I feel the same. There is nothing on the web I need to read so badly that I am willing to put up with advertising to get it; I can just go waste my time somewhere else.
Commercial companies being able to force themselves onto our consciousness is unacceptable.
Personally, seeing ads in public spaces feels just like in totalitarian countries you would see large portraits of the supreme leader or government propaganda. Somehow this is legitimized because they're private corporations. Not in my book.
More power to ad blocker authors, and a particular shoutout to:
* Raymond Hill of uBlock Origin fame: https://github.com/gorhill/uBlock/
* The EFF, for blocking trackers and other 3rd party nasties with Privacy Badger: https://www.eff.org/privacybadger
Websites started off with a glass storefront and an open door. You kinda had to poke your head in the door to look around to see if you wanted to go in. Then the glass storefront had some sales prices shown. Then slowly you could no longer even see the glass storefront for all the ads. Then the spinning sign men showed up to annoy. Now, there's a bouncer with a clipboard blocking you from getting in.
It's mostly just not worth the effort any more unless you have an ad blocker in some form.
This is a really good metaphor.
Who is honestly clicking on all these ads that makes advertising worthwhile?
I am honestly baffled sometimes how this all works... In my 30+ years of internet usage in one form or another I have rarely, rarely, rarely ever clicked on a freakin ad. Yes, I've generally had them blocked for the most part. But when they aren't blocked, I see what the content is and why would I even want to click on one!
Color me confused who is keeping the web running by clicking on ads.
I'm fairly extreme about ad blocking. If I'm aware of seeing an ad anywhere (street, web, cinema), I put the advertised product on a block list and will never buy it. This isn't quite as restrictive as it sounds because I have the facility to mentally tune out ads in public spaces almost completely.
If I were typical, advertising would collapse almost overnight.
The lesson I take from that is that we're just not the people advertisers are aiming at.
Part of me thinks theres an internet ad bubble. I think its really hard to know how much value an ad provides, so it gets handwaved as being critical to success and worth tons of money. A lot of big internet companies rely on ads or provide services to companies that provide ads or make it easier to use ads.
I wouldn't say that ads are completely ineffective (there's a significant chunk of the population that doesn't resent ads like we do, and will actually click on them even if they're aware that they're ads), but I agree that there's definitely a bubble going on.
I've seen many non-tech people search for a certain brand or product, and despite it being the first non-sponsored search result, they will instead click on the sponsored result/ad ad the top even though it's the same product.
The above causes the metrics and conversion rate to look great, so the waste of oxygen that is the marketing department can justify their salary and budget, the ad providers and all the ecosystem around it also gets paid, but at the end of the day that ad wasn't actually providing any value because the user already had the brand in mind and only clicked the ad by mistake.
I work in the financial industry and even if the CAC is really high (100s of dollars) it still pales in comparison to the income we get on average from the new customers.
I don't work in marketing but even if I personally hate ads, they unfortunately work really well especially in combination with facebook/googles profile on everyone and the fact that they seem to learn who clicks a certain ad after a few days and only display it to that group.
I think there is just a sub population where ads are truly effective. Look at all the blatant misinformation that gets shared around sites like facebook.
Even before social media and the intrusion of internet use in our lives, people were buying enough crap off of QVC to keep that show on the air (and still are).
this is outdated by something like a decade, at least. reach aside, the whole draw of internet advertising is that you can actually quantify the effect of your ads and tie them to real revenue events
I suppose it's fun to think that billions yearly are being thrown into the bonfire, but that's just not the reality
Anectada: Facebook ads have been able to figure out the kind of clothing my girlfriend likes and comes up with very relevant clothing ads now. These ads do get clicked on, once in a while, and result in actual sales.
I think the reason the advertisements have become so good at targeting her is because she likes looking up clothing on Pinterest.
Lots of people. I'm responsible for a few hundred dollars of consumption from my Instagram ads for festival gear.
We send each other concert ads over Insta far too often for it not to be effective.
Either way, though, neither of our experiences tell the whole story. The truth is in the metrics and I used to be in the ad tech industry. The metrics are solid. Especially on the guys who own the platform: Google w/ search and Facebook which just attracts users like nothing else on its properties.
I miss the days when barely anybody blocked ads. Those of us who did didn't have to worry with defeating anti ad block systems.
Before I used an ad blocker I encountered a lot of malvertisting[0]. Now that I use an ad blocker and set it them up for friends and family random virus attacks, bluescreens, and other types of issues are a thing of the past.
I understand not all advertising agencies are responsible for this behavior but when these types of attacks can occur on mainstream websites such as Forbes[1], I frankly cannot trust any ad network to not infect my computer.
[0]:https://en.wikipedia.org/wiki/Malvertising [1]:https://www.engadget.com/2016/01/08/you-say-advertising-i-sa...
I'd take the little minigame ads that gave you a virus over the blatant propaganda that appears today, to be honest.
uBlock Origin is shockingly competent at defeating those "please turn off your adblocker" warnings.
On most sites, at least. There are a few out there that go well out of their way to be annoying. Facebook likes to construct their ad text out of multiple randomly-named divs. TVTropes uses randomized IDs on their ad popover.
They seem to do this for more than just straight ads. I use uBlock Origin to filter out the "Stories" div. It comes back every week or two.
Is this with default settings, or did you add another filter list for those?
And if uBO doesn't cut the mustard, you can set up Nano Defender to work in tandem detecting this stuff, though it is a manual setup.
Though I personally can't tell how effective it is, since I also run Bypass-Paywalls and uMatrix, so I don't know how much credit to give to those extensions.
Sometimes it breaks a site and needs fine tuning of the settings, but its easy enough, and I've never found an ad or paywall or cookie popup or anything that I couldn't zap away.
The only blocking I do is turning off video autoplay in firefox (that sites like Tumbler somehow get around).
Yet the Washington Post blocks me as using an ad-blocker, possibly because I'm using Linux, possibly because of no autoplay. But altogether, it seems like anit-adblock efforts are going to start having more and more collateral damage.
Basically ad blocking makes the internet useful again. I am no longer bombarded with popups or distractions. Therefore I won. Tracking is pathetically useless on the internet. It's easy to screw with the metrics and your "profile" but even without doing so tracking is simply snake oil
There is a great paper on the arms race between Ads and Ad Blockers out of a group in Princeton.
They propose a perceptual ad-blocking scheme where ads are always rendered in a DOM, but elements only displayed to the if they are not "ad like". This is makes it much easier to evade ad-block detectors, since your browser appears as if it does not have an ad-blocker! https://www.cs.princeton.edu/~arvindn/publications/ad-blocki...
The alternative to the arms race is to stop having browser extensions. In a browser like chrome made by an advertising company with 80% of the browser market last I checked, the results could be devastating for the vast majority of internet users. We nerds will always be fine.
Mobile will of course fare far worse unless you root your device, for ios and android. Can't wait for the inevitable day where the unskippable 10 min youtube ad pauses if I look away from the screen...
There is another interesting paper on a similar topic that proves that this approach is vulnerable to different adversarial attacks, for instance, you can make it block legitimate content, or you can conceal ads by adding an overlay invisible to a human eye.
Ad blockers were born earlier than the Internet and personal computers.
---
A Personal Computer for Children of All Ages
Alan C. Kay
Xerox Palo Alto Research Center, 1972
https://www.mprove.de/visionreality/media/kay72.html
>A combination of this "carry anywhere" device and a global information utility such as the ARPA network or two-way cable TV, will bring the libraries and schools (not to mention stores and billboards) or the world to the home. One can imagine one of the first programs an owner will write is a filter to eliminate advertising!
I don't turn off my virus blocker for anyone. No way no how no sir. Sites that refuse to show content without opening up for viruses are intrinsically suspicious, no matter how fancy their brand name.
When adsense first came out it was text only and ads were actually fascinating and interesting to read. They were regulated and meaningful.
Then images and javascript were eventually allowed and it was all downhill from there. Now it's a race to the bottom of how many hundreds of external objects and tracking that can be added to a page as well as malware since so many badly behaving ads slip right through any attempt at automated bans.
I don't block ads but I do block all javascript by default. They are essentially synonymous now.
"It means that an ad blocker of the future will have to monitor traffic of the entire network." (towards the end)
This is already a concern in the DNS world, with Response Policy Zones (RPZ) on one hand for DNS-based control (https://dnsrpz.info/) and DNS Over HTTP(S) (a.k.a. DoH) on the other.
Here's another history (the dates in the OP are fuzzy). https://www.thedrum.com/opinion/2019/12/20/monetizing-the-ba...
I wonder if the legal action against AdBlock Plus / Palant made a dent in the download or use of ad blockers in general. The article doesn't provide any evidence of this.
Also - don't get your apps on Google or Apple's app stores! Use APKMirror, APK pure, etc. Some of these even have app-store-like apps to use instead of Google's, that don't need a Google account.
Also, there's at least one app "store" app specializing in FOSS purely: https://f-droid.org/en/
I feel like the article is missing an important milestone about release of Brave browser for Android circa 2017/2018 (it's only briefly mentioned at the end).
It changed the landscape on Android in my opinion: it was the first browser that was as good as Chrome (fast, same look & feel -- being a fork of Chromium -- plus regularly updated and having strong, credible technical team behind it) but also having ad blocking built-in and other additional privacy measures. Soon Opera added ad blocking as well, and other browsers (except Chrome) followed.
You have your timeline backwards. Opera was the first browser to implement a built-in native adblocker in 2016. Here is the blog announcement: https://blogs.opera.com/desktop/2016/03/opera-built-ad-block...
Opera was and actually continues to be a pioneering browser with many "firsts" over the years. I was an avid user of it for a decade but I am saddened that it has become surrounded in controversy with a shady Chinese owner and predatory loans and stopped using it two years ago.
https://www.engadget.com/2020/01/19/opera-accused-of-predato...
Good catch! Here's a better link specifically talking about mobile: https://blogs.opera.com/news/2016/06/ad-blocker-android-ios-...
Samsungs browser also has adblock
I personally think we're nearing the end of a golden age where sites can support themselves through advertisements that 90 percent of users see while we, the nerds, are able to easily block almost all the ads. The more widespread blockers become, the more incentive there is to create unblockable ads, e.g., YouTube inserting a video ad directly into the video stream so that even if you had some kind of content-aware AI blocker running you still wouldn't be able to continue your video until the ad is over and the unedited stream resumes.
Please correct me if I am wrong here regarding Ghostery functionality: In current Firefox & Vivaldi versions it behaves as you would expect....blocks ads according to your settings for every tab load. But in chrome, the default behavior (assume chrome induced) appears to be to auto disable the plugin until you manually re-enable the plugin then reload the tab....repeat process for every new tab load. Do I have a Chrome setting misconfigured or is this another example of Google's "what's best for you is what we say it is" attitude?
how's that related to parent's question? I can't find a correlation. are you suggesting he not use chrome? that's isn't much of an answer.
parent: I've not seen this problem. I only use chrome on mac. maybe on windows/linux it's doing something differently. as each new tab is a new process, it smells like a goofball file system permissions issue to me. does it still happen if you create a new profile?
it works as you'd expect both with google sync on, off, paused, and never-been-setup for me.
hard to imagine that this isn't some bug of installation for you. there's no way this would be tolerable behavior and if it were because of chrome per se, there'd be lots of uproar so you'd find your answer right away.
Yes, agree, expect would have seen more of an uproar if this was wide spread. Was trying to stay out the troubleshooting rabbit hole, thus posting the Q here in case other have observed the same. Still, with the other browsers proclaiming more privacy features and google somewhat begrudgingly trying to slow that conversation its hard to know what to expect in chrome without going deep into their roadmap.
Thanks! Had not seen this. Will look into.
> Now it’s surprising to see a lot of comments like: "Why do you need an ad blocker? Just use the hosts files".
I often wonder if people realize that they’re being that person.
I guess we all know Chrome on Android doesn't support extensions in order to prevent ad blockers. If there wouldn't be Firefox, Chrome on desktop would have surely limited ad blockers as well.
Is part of a digital detox turning off java by default and enjoying the Text Web in its full glory?
What do you estimate the cost is annually for all of the wasted bandwith (especially mobile data) on predatory marketing?
I remember using Naviscope and sometimes dealing with DNS blocks with the hosts file. Those were the days. (I had a very rudimentary ad blocker via my web browser back in the days [404Browser])
No one (or a much lesser percentage) would use an ad-blocker if ads were just ads, without all the tracking, privacy and malware concerns.
Go back to contextual static-image ads, folks.
1. Click
2. Open network panel
3. Google Analytics
4. Close tabs
It's disgusting how so many so-called privacy advocates can't even get this right even when talking about privacy.
> 2015 — Content blocking comes to Safari and iOS
typo. He means "Safari on iOS". Safari on desktop had normal extension-based ad blocking since day 1. Then the content blocking API came to iOS then later the same API in macOS.
> • No debugging tools
perhaps in 2015 -- I wouldn't know -- but today it's certainly debuggable with the help of a macOS host. Much like remote gdb.
> The maximum number of rules limitation is a huge problem,
not a problem at all. rules limitation is per filter but each adblocker can install multiple filters. I suppose the rules limitation is for latency reasons, in case of a poorly designed blocker.
> It was disproportionately hard to maintain a completely different filter list for Safari alone.
Completely false. filters are regex's. It's trivial to use the same source list with whatever filter technology.
I guess because this article is content marketing, and not academic research, these errors (and omissions) are ok. But I do wish, that given the title, the author had bothered to mention that Bing inserts ads that are not blockable via simple URL filters. adblock+ currently doesn't handle them and I believe they are not handle-able at all via the Safari content filter API. By extension => ad blockers are doomed. So yeah, he's not going to say that because he's selling an ad blocker ...
1. The only debugging tool we have is the browser console, and the only thing printed there is the blocked URL, you cannot even find out what rule did that.
2. The maximum number of rules IS a problem and it is there only because the current implementation consumes to much memory and slow to compile a content blocker. WebKit devs may allow us to pull request an alternative implementation (there’s an ongoing discussion on bwo), and if there are no performance issues, the limit will be increased.
3. Regarding maintaining a filter list, traditional blockers do not use regexes unless it is really really necessary. What’s written in this post is by people who maintain filter lists for over 10 years.
This is from an ad-blocking community and shows that Apple is NOT serious about supporting ad-blocking and is in fact even sabotaging it on Safari:
> uBlock Origin was ported for Safari in 2016, and was updated regulary (mostly changes from the main project) until 2018 when development completley stopped. Since then Apple has begun phasing out Safari extensions as extensions, and has instead been implenting a new extensions framework which is extremley limited in adblocking functions, only allowing "content blockers", which are just links bundled as an app which Safari enforces. From Safari 12 / macOS Mojave, old legacy Safari extensions were still allowed, but came with warnings saying that they will slow down your browsing (they infact won't, or at least not noticably). ... Though it is still curently possible to install uBlock Origin by downloading the extension from Github (edit: must follow these instructions, it will not be starting from Safari 13 / macOS Catalina, when the legacy entension API will be fully deprecated.