141 comments

[ 4.8 ms ] story [ 195 ms ] thread
Yes, ads are too big a vector for malware to ignore, so turning on ad-blocking is non-negotiable.

That being given, the only alternative for NYT and friends is for subscription which they don't have the taste for, since it gives them the true value of their journalism.

The difference in this true value, and older ad-based value: their take from the revenue-sharing agreement with malware-creators. We just got better with dealing with malware, and their malware based revenue took a hit.

It's strange that the most simple and elegant solution to ad-blocking, self hosted ads are not considered by anyone. Magazines and papers have always done this in print. Yes there is overhead, because you have to handle the content manually and it's hard, even tough not impossible to measure impressions. But with print it's always been this way and now the media industry wants to both have the cake and eat it, because they don't want to handle ads but they want the revenue.

And maybe I should clarify, how does self-hosted ads solve the problem?

- It's hard to block ads on the same domain as the main content.

- Just loading an image with an ad is not as much of an performance hit as javascript loaded tracking ads and thus should not annoy users as much.

- More secure, because you can not hack one single ad service and distribute mallware to thousands of sites. Besides, the solution is less complex, and complexity always leads to bad security.

Ah, my naive friend. How can an advertiser know it's not being shortcharged? Having a "neutral" third party helps here.
The same way it works with newspapers, I'd say. Check that it is there when you expect it to be there.
Even with newspapers advertisers don't simply accept the circulation numbers that the publishers report. They pay third parties to provide independent numbers. It's not just about whether the ad appears but rather knowing how many people saw it.
So maybe there could be 3rd party company to check such things. Also ads could be sold at auction. I.e. auction for 24h display of ad in header from $1 on some news site.
Actually that's not a bad idea. Why not hit the site that the ad's are reportedly on from some IP addresses unknown to the ad provider. Do this over and over again until you have enough data to assume that say 1/5th of impressions are you then compare that to a neutral 3rd party source (Google Analytics comes to mind) of the total hits for that day. 5000 hits / 1/5 of those are impressions of your ad = 1000 impressions. Compare this to the numbers provided by the ad provider itself. All you'd need to do is spot check and it should keep everyone honest. I'm surprised people don't do this already.
Independent Auditing happens in all kinds of industries and for all kinds of reasons

There is no reason a neutral 3rd party can not review logs, software, or other data to ensure in house ad metrics are accurate.

Advertisers can track clicks very easily on their own via google analytics and other platforms. What's so hard about that?
Because if it's CPM, then you're paying for users on the publisher who simply view it.
Advertisers have not cared much to date. For example the amount of money they pour into Facebook ads despite massive click fraud.
They could always use a platform that is pay-per-action, so that you aren't paying unless people actually buy things.

(I work on the ad systems team of an affiliate marketing company, where essentially all advertisement contracts are done on a PPA basis, rather than PPC)

Ads really need to be put on a diet.

* Either a /static/ image or colored text

* Normalized (re-packed, stripped of all other data, etc)

* Vetted by a human somewhere to not be 'misleading in appearance' (not checking facts, but making sure that it doesn't look like a download button or anything else not obviously an ad)

* Based on the content of the context and nothing else (you can bake them statically based on the story and/or comments thread on the page)

Yes, the vetting part is also important. As it is now renowned newspapers are serving ads that are border fraudulent, and I don't really understand how they are putting their reputation at risk this way by letting third parties publish non-vetted content on their site.
I'm wondering when the Google Play Store wild west era will end. I've seen numerous apps containing ads with text (e.g. "Install Candy Crash!") laid over borderline pornographic images that have nothing to do with the advertised service. I guess it catches the eye?

I don't think shifting responsibility to publishers is the answer. A half-serious idea would be to have a neutral regulatory body issue "licenses to advertise" but how long until corporate interests took that over?

"I don't really understand how they are putting their reputation at risk this way by letting third parties publish non-vetted content on their site."

I read it as a measure of their financial desperation. They're eating their seed corn (their reputation is their most valuable asset in that without that, what else do they have?), and, well, what other choice do they have? HN has been talking about the other choices for years, but every time I see someone try one, they sink.

I agree it's a very good idea. This would also promote more local ads than big commercial ads.

At the end, I know they need to get money but ads don't serve any purpose. I mean I never buy product from ad, I have only things that suite what I have search 10 minute ago. Why putting ads for that? I already know the product and this will never push me to buy something.

Try telling this to anyone in the ad marketing business. They'll claim their tactics are extremely effective. Regarding "I never buy product from ad", they'll tell you "yes you do, we're manipulating your subconscious and you don't even know it's working!".

Really, they're mostly spinning a web of lies that keeps them employed. You won't find employment doing this for a living if you don't pretend like most of what you do really impacts everyone.

I'm one of those people who will actively abandon products that market too heavily or with material that manipulates its consumers. I switched away from Dove soaps/shampoos back when they started their viral "Campaign for Real Beauty" shenanigans. Pretending you care about your customers' self-image problems... to market soap... turned me off.

There's two types of advertisements - Direct Action marketing, where they want a very specific outcome out of the ad (to buy something), and 'brand advertisement' where they just want you to be aware of the ad.

It's the difference between Coke & Budweiser, and Squarespace & Geico ads.

But then tracking and targeting is not possible.
Targeting is very much possible, just as with magazines. If you have a recipes site you could have ads for kitchen tools. If you have a music site you have ads for local events. If you have lifestyle magazine you have clothing and interior ads. I would even go as far and say that this type of targeting is better then now when you go to a webshop, search for a product and suddenly starts seeing that product plastered all over the web, often even after you actually already bought the freaking product.
> But then tracking and targeting is not possible

That is kind of the point. Online ads should go back being exactly like print ads are. Sold individually, static, untargeted and un-trackable. Not because the ad-networks, advertisers or site owners think its best, but because its the only type of ad that the viewers will accept eventually.

I work for a 'big online old media company' and can offer some insight for all of this. First up, I strongly believe our industry has dug ourselves into the hole and really fucked itself over. Daily I use an adblocker to make the internet faster and easier to use (which is ironic because I'm the one who implemented the 'plz disable adblocker' banner on our site and i see it every single day http://i.imgur.com/xQza4fS.png)

Problems with self hosting:

- It's super duper hard to change the status quo. For them, the current solution 'works fine', once they fight the supposed evil that ad blockers are. Trust me, I fight for this sort of stuff and they just don't understand things the way we do.

- You can't do as much or sell ads for as much. You can charge more if you know more data about your visitors and can sell the ads to clients under the impression that it'll reach the exact demographic they're looking for.

- For some companies, it's already too much of a chore to have an in-house dev team to manage the content website. Have to have _people_ manage all these self hosted ads is not appealing to these companies. Very similar to AWS vs self-hosting

- An image is less interactive, so you can't sell it for as much. Those big fancy ads that are interactive are sold more many many more times the price as just a single jpg more.

- If you're 'lucky' to work in a media org big enough to have a sales team, even they don't sell out every single ad placement all the time - there's a big tailed on these states they still want to monetise and ad networks helps them do that.

That aside, things are changing. Everything on our site happens over HTTPS, which is a plus. We do win 'arguments' to move things in-house and not served from an ads network, where appropriate. We have an in-house 'studio team' who creates custom campaigns and creatives for clients, and they're almost entirely self hosted.

Would it help to have an off the shelf, self-hosted ad platform available? Perhaps a plugin to an existing CMS?
That might help, but it depends what problem you're trying to solve then - if everyone was using the same platform, then it would be easy for adblockers to block it.

If part of your pitch is that you avoid adblockers, then once you get big enough you'll constantly be fighting an uphill battle.

I was just thinking of ye olde self-service in-house ad vendor, server, statter. If the static ad assets were coming from the same domain, how would an adblocker notice them?
well instead of blocking googleads.com/, they would just block nytimes.com/googleads/

Obviously in execution it would be different, but I hope you get the idea.

Edit: I think self-served ad platforms are one way forward, but it depends on what problem you're trying to solve.

If I were designing this system, the paths would look something like nytimes.com/e2be6560/d570/xxx-yyy-zzz(.jpeg/.js/.html/etc).
This response is right on the money.

I'd just like to add that almost all the problems with malicious ads are caused by ad networks that are used as "backfills" for when the in-house ads aren't booked. Backfilled ads are not inspected and can contain everything, but they are also needed because otherwise you'll have unsold inventory.

One thing that is starting to become more common knowledge is that ad space is a commodity. Typically commodities are auctioned or sold on exchanges. I would think it should be entirely possible to not have any backfill by having the prices for ad impressions fluctuate on an exchange (I realize ad exchanges already exist, it seems they just need to make it into these situations).
Exchanges are these backfills.

When we don't have a big sponsor for a section of our site, or haven't had enough direct sales for certain placements, it goes out to the ad exchange to action the spot off. That's where the problem is. That's somewhere we could start enforcing certain quality.

Exactly! Larger ad inventory purchases are still largely sold by salespeople with written contracts.

Ad exchanges and real-time bidding (RTB) are only causing a problem for people working in the media space because on the one hand if you don't have them you lose money, but on the other hand it's like gambling in regards to the quality of ads that will be served.

Are there salespeople in this area anymore, or is it all automatic? Shouldn't the salespeople be working harder to sell unsold inventory?
Of course there are salespeople. When the country's leading air freshener brand wants to buy out all premium ad placements for a section of a website as a part of an integrated tv/online/outdoors campaign, they're going to want a salesperson to work things out with.
And yet an excuse is auctioning unsold inventory to unsavory networks.

If I was buying a box of cereal, "we couldn't source enough reputable corn, so we topped it with melamine" would be the death of that cereal, for me.

(And yes, this is buyers at the cereal company instead of ad sellers, but it's the same: the hypothetical cereal company was not able to "sell" enough of its money to corn suppliers.)

But yet as a developer "i don't write good enough code, so we have a massive test harness to catch any bugs I might introduce".

Of course the goal is to operate at 100% efficiency, but in reality that's not going to happen all the time. Backfill channels like this are a way to make at least a little bit of money when sales a slow for a bit for whatever reason.

In terms of the problems the online media industry faces with advertising, the efficiency of in-house sales teams is not a huge priority atm.

And so I block. :)
I am wondering how much $ those backfilled ads make though? In my (limited) experience they are really not worth the hassle even on high traffic sites. We resorted to just showing special deals of our own product in unsold inventory spots.
You know... with uMatrix you can block the 'please dont adblock' element specifically so you don't have to see it anymore.
But you see, then when I present our site in front of all the big important people, I can't showoff my use of adblocker then.
Just open it in some other browser without the adblock, problem solved.
The change is starting at places like 'The Deck', where they only sell ads that don't track anyone - no Javascript or Iframes.

http://decknetwork.net/privacy/

To use The Deck a business would have to knowingly generate less revenue in exchange for user privacy. I don't see many companies doing this.
Self hosted ads would change nothing when it comes to blocking. Some ad servers allow you to proxy all the requests through your subdomain, but ads still get blocked. CSS selector based blocking is widespread and adding another `.sidebar > .ad` rule to adblock is no big deal.
There's no reason why the ads and the CSS for them can't be served by a small proxy application that runs on the server(s) of the site, and works by changing the name of any selector to a random string on every page load. Potentially it could also generate random DOM nodes in the HTML so xpath based blocking wouldn't work either.
I suppose you could have a stateful adblocker that looks for the element changing between page loads, and ignores the randomly generated elements that aren't visible to the user. Of course it would only work the second time you load the page. The adblocker could load a second copy of the page in the background, and then update the DOM of the first page after it determines which elements were regenerated.
That'd be an interesting approach. I like the idea of diff'ing a page to detect sneaky ad injection.
An interesting idea, but it would be difficult at best to prevent false positives on sites with dynamic elements.
Those random DOM nodes will probably be easy to recognize because they can't affect how the final page looks. If all else fails there is still the option of rendering the page, using image-based add detection, and killing/hiding the associated DOM nodes.

There are only so many ways to obfuscate your DOM without screwing up the page layout and making your UI people angry. The battle against add blockers cannot be won.

The battle against ad blockers cannot be won.

I strongly believe that the ad industry will die, at least in the sense of what it is at the moment. Fighting ad blockers is its death rattle. That doesn't stop the technology being interesting though. Quite the opposite in fact, as a developer I find it fascinating.

I can see it getting as bad as to demand that much of the content itself be an image, with ads stitched in server-side before serving the whole thing up.
Server Side Ad Insertion platforms, like Brightcove Once[1] are exactly this - dynamically inserting ads into the single video stream for VOD content. It makes it really easy to implement a video player with ads, as well as having the handy side effect of being difficult to block the ads.

[1] https://www.brightcove.com/en/once

> It's hard to block ads on the same domain as the main content.

Well, I'm sure that it would not be impossible:

- ads are the changing part of a webpage, so they can be identified

- ads could be collaboratively removed, by allowing the user to select the ad, then send its fingerprint to a central entity, so that others can benefit

- AI techniques could be used to identify and remove ads.

I self-host the ads on my site in addition to selling the space directly.

Because the content of the site is narrow (photo tours of office design projects) it ends up attracting a certain group of people who are interested in office design and office furniture (self-targeting if you will).

Social media (Facebook/Twitter/Instagram) ads are self-hosted, and while they evade adblockers it has not kept users from being annoyed.
Uh, self hosted ads get blocked too - just check a popular filter subscription.

Any moderately popular news site will have filter authors going out of their way to block their ads in the filters regardless of URL domain.

I feel like there's this myth that adblock is just trying to block "bad" ads, but the evidence shows most blockers really try very hard to block all ads. Trying to stay one step ahead of that is a losing proposition for media companies.

NY Times guy is still justified. No, his company should not serve malware. But if I get malware and it hijacks my machine, that means my browser and machine were both insecure. An ad blocker seems to me to be a bizarre way to make up for an insecure browser.

People get this odd vehement behavior when told that companies that depend on ads won't like it if you block their ads. The grown up thing to do would be to stop using these companies if you dislike their stance against your ad blocker. Instead there is this childish whining, as though people are entitled to free news without ads.

Browsers are insecure. Fact of life. A lot of work is being done to rectify this; but in the near future, this will continue to be the case. Meanwhile, using ad blockers for security may seem bizarre, but it works.
Judging by your post you seem to have no knowledge about computer security.

There is probably no internet-connected workstation today that is safe from malware, so one needs every bit of protection they can get.

Not running an ad-blocker or even better something like the Firefox protection tracker is foolish.

This is like claiming a firewall is unnecessary because properly-configured software should be unexploitable. It's correct in a certain sense, but it ignores that configuration is terribly difficult to do correctly, hence the idea that security should be layered.

Ad-blocking is a security layer; browser configuration is terribly difficult to do correctly.

> This is like claiming a firewall is unnecessary because properly-configured software should be unexploitable. It's correct in a certain sense, but it ignores that configuration is terribly difficult to do correctly, hence the idea that security should be layered.

I actually agree with that. Firewalls are often incredibly complex codebases and usually written in C (with a rationale of the need for performance). Exposing such a thing to arbitrary internet traffic virtually guarantees exposing a vulnerability.

Just don't open network ports except for services that you want to expose to the network. If you really need to expose an insecure service to a limited set of machines, use a VPN.

(comment deleted)
Your computer is insecure. Mine too. Even if we applied every single patch from your OS vendor and application vendors we're left with the undisclosed vulnerabilities sold by black hats to malware writers. The ad blocker is a prevention system to limit the exposure of out computers to attacks.

There isn't a list of sites serving ads that carry malware so we have to block everybody, sorry for them all. If there were a blacklist of notorious malware carriers, much like the one for spammers, we could use it to mount a blockade. Maybe it's really the right thing to do. I'm afraid it will include most of the news sites.

Every time someone posts something like the parent comment, I just assume they're using Urbit or TempleOS and move on.
Looks like Indian newspapers are ganging up on their readers to force then to turn off adblockers. Goodbye, TimesOfIndia and HindustanTimes!

https://news.ycombinator.com/item?id=12007472

Clicking on an article in timesofindia takes you to this:

http://timesofindia.indiatimes.com/blocked.cms

How do they manage that? I imagine they'd use JS to check if the ad loaded maybe, can it be beat by just disabling JS entirely for that site?
Yes, it can. In uMatrix:

hindustantimes.com www.hindustantimes.com script block

indiatimes.com timesofindia.indiatimes.com script block

lets you get past the blocker.

(comment deleted)
Security but also readability is why I use addblocker. Sites I like that does not interfererar too much with adds, then I turn addblocker off for that site. However, way too many sties gets unreadable and are annoying to go to because of how adds are used and thus addblocker is very nice.
I know this is an unpopular opinion, but what makes you different from someone that walks out of cabs without paying because "cab drivers are dangerous and it's inconvenient to have to pay after i'm at my location"?
Because you are hogging the cabbie's time and car. The potential income lost by having a cab drive you around for free is several orders of magnitude above the digital version.

Now, comparing it to free-riding a subway/bus service on the other hand...

Well, let's compare it, because that is a much better comparison!

Every time i bring it up i get downvoted, but why is blocking ads but still consuming the content okay? I'm genuinely curious.

To me it really feels like stealing. Like sneaking into a movie theater/concert/amusement park without paying, or like you said free-riding a subway/bus.

And when looked at through that lens, many of the excuses people make seem comical. (Ads make pages slow, they are ugly to look at, I don't agree with the business model). To me those excuses sound like saying "I don't think the movie is worth it, so i'm just not going to pay" while walking into the theater, or walking into a concert without paying because "waiting in line to get a ticket takes too long, so i just won't".

I'm hoping to have an actual conversation here and figure out why I feel so differently about this than many of the people on here do. What am I missing?

It's a stream of bytes sent to my computer. I have the right to look at as many or as few of them as I wish.
I understand that you have the capability of doing that, but why do you have the right to do that?

Why is it that you morally think it's okay to just consume content others have created without paying?

I think publishers broke the moral contract first by making the distribution of malware and supporting Internet scams their primary business model. Once they broke the moral contract, we responded by developing ad blockers to protect ourselves from their maliciousness. I think if publishers stopped distributing malware, misleading ads, and Internet scams, then there would be far less demand for ad blockers. They created the problem, it's up to them to fix it.

Unlike a subway ride, it's impossible to tell whether a website has ads or not before you visit it. So I can't know whether I've violated the morals you're talking about until I already have done it.

I think publishers are welcome to create adblock-blockers, and I don't have any interest in working around them. I suspect it's not a feasible business model, but that's their problem, not mine.

> I think publishers are welcome to create adblock-blockers, and I don't have any interest in working around them.

And i'm fine with that as well. If you want to block ads that's cool with me, but don't expect to get the content as well.

You see, there is a problem calling website pages "content", unless I know what that articles contains there is no way for me to know if it is of any value or not. Serving malicious ads and slowing down my internet speed just adds insult to the injury. I don't think it's okay to block adblockers, this is equivalent to discrimination IRL (e.g not letting someone into the restaurant because of their religion or skin color etc). If they want to get payed by the readers, there's always subscription model (lock it behind the paywall), don't discriminate me because of the software I'm using.
If I start a news website, and I give you 2 options:

1. Pay $1 a month to view my content without ads

2. View ads

And you block ads without paying, i'm going to block you. You seem very pragmatic about what is best for you and your PC, well this is me being pragmatic about it as well.

If you block ads, and don't pay a subscription, you give me no value. It only costs me money to serve you content. So you aren't getting served content if you are going to be blocking ads.

It's not "discrimination" any more than a movie theater only letting people that pay in is.

> If you block ads, and don't pay a subscription, you give me no value.

If you implement it on your backend, without me needing to run your adblocker blocking js code, which I will block. I'm okay with that if you implementation is based on your servers, you just can't decide what software I will or will not run on my machine. So even you implement some form of Digital Restriction Management one would still find a way to circumvent it (against the law in many places), actually one should do it as a form of civil disobedience. People should control their own technology, not the other way around.

> I don't think it's okay to block adblockers, this is equivalent to discrimination IRL (e.g not letting someone into the restaurant because of their religion or skin color etc).

Oh my god it's not even close I can't believe you said this.

In my country, there are a couple of newspapers distributed for free in train stations. These newspapers are purely financed with ads. Is it my moral obligation to read every ad in the newspaper to make sure they stay profitable?

I used to watch satellite TV when I was a kid. Most channels I watched were privately owned and purely financed with their (extremely long) ad breaks. Is it my moral obligation to sit through every single ad break?

My answer is no, that's ridiculous. If a company decides to offer content for free, it is not my obligation to make sure their business model stays lucrative. It shouldn't be anyone's obligation to consume every last bit of content someone offers only because it's given away for free.

Because "The custom and practice of the web has always been that publicly accessible pages are served without payment"

The publishers are not offering content subject to a fee (which I am not paying). They are offering content for free, and also offering ads for free.

Accepting one of their free offers, and rejecting another of their free offers is not the same thing as "just consume ... without paying"

Some news sites do offer their content subject to a fee, and if they were interesting enough then I would pay that fee. But, because none of those sites (that I have encountered) are worth it, in comparision with the freely-served pages of the net, I choose not to pay those sites, and forego their content.

But if they are not explicitly charging a fee, then we fall back to the default custom and practice, which is that they offer content for free, and ads for free, and I have the right to accept as many, or few, of those offers as I like.

>Accepting one of their free offers, and rejecting another of their free offers is not the same thing as "just consume ... without paying"

There's a bit of mental gymnastics there, but I get what you are saying. I still don't agree, but I get it.

I just feel that if you asked, 99% of content creators would not see it like that, in the same way a store isn't "offering you a product, and the chance to pay for it".

I just feel that if you asked, 99% of content creators would not see it like that

<insert obligatory quote which allegedly originated with Upton Sinclair> Of course they don't see it like that. Would you happen to have a less biased source? Say, just about anyone whose salary does not rely ads?

>why do you have the right to do that?

A free human being should have the right to choose the information that goes into their mind, without that right, how can we make free decisions? If it's an all or nothing deal, then your information is clearly lacking intrinsic value, I can find that elsewhere.

>Why is it that you morally think it's okay to just consume content others have created without paying?

If I write a poem, make 7 billion copies, and mail it to everyone in the world, I'd be silly to think those 7 billion people are morally wrong for not paying me.

Monetary payments are based on the assumptions of scarcity and contractual agreements between two parties. Neither of these two things exist for public facing websites.

If they wanted me to pay, they should charge for access. Other people don't have a moral right to execute code on my machine as a result of an HTTP request--including my browser.
Your mistake is in assuming that just because you form a construct around payments, rights, and obligations of the receiver of an HTTP response, everyone else will agree with you. I'm not doing anything "without paying" because there was no "paying" agreed to by me. Content sites and advertisers just made that up from whole cloth. As if they just show up on the playground and get to make the rules now.

The playground rules were simple: you prop a server that responds to HTTP requests, and in response you send an HTTP response that generally contains content. That's it, those are the rules. If someone wants to make money from this system, that's on them, not me. If they can't make money, well what did you expect from a playground where everything is freely given? Creating straw man "rules" around payment and moral obligations is futile. If the responder has issue with what I do with their response, perhaps sending content using HTTP is not the proper medium for what they want to accomplish.

In summary, just because you want to march in and monetize shit does not mean that any of the rest of us have any legal or moral obligation whatsoever to play along.

I'm not going to speak for anyone else on HN, but for me and most people around me, blocking ads while still consuming content is normal practice. Do you mute the TV, or leave the room during commercial breaks? Commercial TV is also funded by advertising, so if your position is that blocking ads is wrong, will you also argue that it is morally wrong to not watch TV commercials?

For me, blocking ads is a form of civil disobedience: I disagree with the predatory tactics of the ad industry, so I feel morally obligated not to support them. Arguing your case like it is just "consumers vs poor publishers" is ignoring the negative effects that a third party has on both the publishers and the consumers, and dismissing those arguments as "comical" might be part of the reason why it's so alien to you. It's the same as the case against music piracy: those arguments are also framed as "consumers vs poor artists" while completely ignoring the effects of the copyright-holding businesses.

Also, I don't think many people will tell you that they have a legal right to do so. The legal argument boils down to "there's no law against it", which is a different assertion than "there's an explicit law supporting me". Most people will instead tell you that they have a moral right to protect their computer or their life from the shady practices of advertisers.

For a more extreme viewpoint (but still one I can get behind), I'll gladly refer you to http://www.philosophersbeard.org/2015/07/advertisers-should-...

See, I don't think you are morally obligated to "view" any ads, just that you shouldn't block them.

I don't generally mute the tv during ads, but i will fast forward sometimes if i'm watching a recording. And while I don't think anyone should feel obligated to view ads, blocking them deprives the content creators of income, which means a bigger push for other forms of income which I feel are pretty much universally worse (paywalled content, native advertising, in-form advertising which is non-targeted and quickly out of date, etc...).

It's a bit of a fine line i guess. Blocking them outright is too far, but scrolling past them without looking is more than fine.

It's kind of weird, and i'll be the first to admit that it might be hypocritical to say that, but it's what i feel.

But as for a "solution" (but obviously not a perfect one), I've found Google Contributor to be a fantastic service. It's a system that basically lets you "bid" for advertising space the same way the ads do, and if you "win" the bid, you don't see an ad and a portion of your monthly fee goes to the site owner.

The fact of the matter is, if I can wget a website, and run it through some regexps to strip whatever I damn well please out of it, it's really not justified to get high and mighty about me doing the same thing with a web browser.

So long as I have control of my internet connection, and am responsible for paying for the bandwidth that it downloads, I have the right to block malicious or simply unwanted domains and ips. No, I do not consent to download your 8MB uncompressed ad images, or your 35 MB auto-playing videos, terrible website.

See, I don't think you are morally obligated to "view" any ads, just that you shouldn't block them.

And if ads were purely static images, served from the same source as the article, you would have a valid point. But as it is, not blocking ads leaks possibly identifying information (e.g. [1]) to untrusted (by me) third parties.

[1] https://lwn.net/Articles/570534/

>why is blocking ads but still consuming the content okay?

The alternative is to turn off the adblocker and leave your computer vulnerable to malware. It's an "either me or them" scenario, except it's caused by the irresponsibility of the other side. Why take the risk for someone else's profit? There's nothing positive to gain from this and you can also add performance issues and actual problems with finding information or navigating the website.

>many of the excuses people make seem comical.

>Ads make pages slow

I suppose it was a while since you had the pleasure to browse a modern website on an older device.

>they are ugly to look at

Why is this not a valid point in your opinion? I find it that ugly, cringeworthy ads make it harder to focus on the actual content of the website, especially if these are animated.

>I don't agree with the business model

And I have the very rare occasion to effectively demonstrate my disagreement in a way that affects the company, unlike TV or printed press where I can do nothing about the ads served.

The difference from tv is that if you mute the ad, the provider still gets paid.

What I don't see there is an explanation of why "I don't like the ads/privacy risks/other and therefore will not use this site" is not an option under consideration?

As an ad block user I can't answer the question myself, but it's still a valid question.

The custom and practice of the web has always been that publicly accessible pages are served without payment, and the user agent (maybe a browser, maybe a script, maybe a screenreader, maybe something else) is entitled to render a page in any way or none - users might have custom stylesheets, might or might not have support for certain elements or formats. When you put content on the web that's what you sign up for.
> entitled

I don't think this is the correct word (and it definitely enforces publishers negative preconceived notions), but they can't be relying on an untrusted party (browsers) to enforce their business model.

As you put it, the nature of the internet is that user agents are able to render it however they wish.

Because in this case you're the cab driver and you get to decide who or what will you transport.
What makes you different from someone that walks on the street and looks on all the advertisements and neon lights from shops, casinos and restaurants without paying? Without paying, you say!?
So many sites now won't serve you content unless you turn off the ad-blocker. I have done so for those sites, but now I'm thinking of just boycotting those sites. CBS News is one of them, and I think it is a bit insulting to tell users not to protect their computer when they visit your website.
If a site is obnoxious enough to block you for ad-blocking, the chance that they actually have compelling, unique content is close to 0%. Most of the worst offenders are content farms and plagiarist shops.
Blocking them entirely is fair, and I do so in many cases to avoid accidentally going there anymore, but you can also use uBlock Origin as your adblocker and turn on the Adblock Warning Removal List and Anti-Adblock Killer filter lists, which will eliminate most of these ridiculous scripts. Sometimes so many sites in a short time add those adblocker-blocker scripts that it takes a little time for the lists to catch up, but overall it does such a good job that when people started complaining about such things earlier this year I had no idea what they were talking about because it had invisibly blocked everything for me so far.
Great tip about uBlock Origin. I am using ABP and it didn't do that, but now both are running together, actually. What's strange is that the number of ads they claim to block is different with each.
They have different filter lists and can both be further customized as well, so it's not surprising that they block different things.
I installed flash/java blockers when I was worried about vulnerabilities in those plug-ins, later removing those plug-ins entirely.

You should not install an ad-blocker if you really want a flash/java blocker. You'll still be vulnerable.

(Yes, there have been vulnerabilities in JS et al too, but blocking JS is a very different proposition.)

I selectively block JS, with uMatrix. I allow 1st party scripts by default, and block all else by default.

Yes it's a bit tedious to enable domains when something breaks, but I'm actually fine with that. Would of course not recommend this to just anyone.

ads are just a too complicated way of making money. if they want money for their stuff, then they should remove the adds, put a nice big pay wall and voilà.

"No one who refuses to contribute to the creation of high quality journalism has the right to consume it.”

I'll pay or not. But I won't have to fight an arm race anymore.

Or maybe the guy is lying : he wants a very particular kind of "contribution" to his journalism. Maybe a contribution in terms of tracking, personal information, etc...

I think any media provider out there would prefer a subscription model - it's just so much simpler. Unfortunately people just aren't paying for it as much as they need to.
I don't want to pay for everything.

I already shell out over $50 a month for various subscriptions. For my less common websites, I'd rather "pay" by viewing ads. (And I refuse to just steal the content. If the ads are too much, then don't use the site. IMO you don't get to choose if you pay for something based on how much you like it...)

And the people on HN and reddit that announce to the world that ads shouldn't exist and anything that uses ads is a terrible thing seem crazy to me.

I'm a happy ad viewer. It keeps the content free and the creators paid. If you asked people whether they want to pay for something or view ads, the answer will be ads in the vast majority of cases.

And dispite all the talk of malware in ads, I've never seen it. I'm sure it exists, but until I begin to see it in my own experience or hear from friends and family about it, I'm going to keep enjoying ads as a monetization method.

> (And I refuse to just steal the content. If the ads are too much, then don't use the site. IMO you don't get to choose if you pay for something based on how much you like it...)

Genuinely asking: how do you keep track of this? Do you add bad sites to some domain blacklist? How do you protect yourself from e.g. ads that auto-play audio, or take over control of the website for a period of time, or redirect to the app store on mobile?

If a website has misbehaving ads, ads I consider over the top, or are known to distribute malware ads consistently to the point where I don't feel safe, I stop going to that website.

If it ever gets to the point that I can't remember which sites I don't want to visit i'll probably add some kind of blocklist, but that hasn't been a problem yet.

The only site I can think of off the top of my head that I don't visit any more is the verge. It's just too much, and the experience isn't worth the content (and for them it's not so much the ads, but just that the site is so heavy and slow. The ads did contribute to my decision though, they are full-page and expand down and everything terrible about ads). There are more, but I honestly can't think of them right now...

So if you run across an ad that plays audio or redirects to the app store, you just put up with it and hope it doesn't happen again? I hope you can at least understand why others may want a more robust solution to guarantee that never happens.
I honestly haven't hit either of those, so it might be my own little bubble here is why I feel this way. I hear about them a lot when talking about advertising, but I've never seen them personally.

But if I did get an audio ad, or a redirect ad, and they were consistent enough that it became a problem, i'd stop using that site.

I mean, on a scale of bad things, having an audio ad play once isn't really all that high up the ladder. Yeah, it's not ideal, and it shouldn't happen, and if it happens a few times i'm going to stop going there, but it's a sound on a website. Removing an entire chunk of income from a news website because I'm afraid of hearing an audio ad (something most trustworthy sites also don't want in their ads) seems over the top.

> And dispite all the talk of malware in ads, I've never seen it.

Here's the thing about malware: you don't necessary "see" it.

If only there were a viable technical solution. I don't want subscription(s), but I'd gladly pay ~5c to read an article. I just can't. In theory I could on mobile I guess, but then it's 30% to someone who does nothing, and I don't want that either.
Every time this debate pops up, I find myself asking the same question: why aren't media companies creating ads I want to consume?

This is a trick question: they are. It's called native advertising.

Ad blockers block the scummy ads. It's still possible to make a living by serving ads, but it implies that one can't be lazy in his monetization strategy.

I think it's quite difficult.

There are some ads that there only for brand building. Not sure if we want to see them. Let's count them out because they are not for things we want to buy right now ("buy" a product could be "vote" for a candidate, etc.)

We're left with ads for items we didn't know and we discover we want to buy. Or for items we know and the ad remembers we want to buy them. We follow the link and buy them. The problem is: how many things of that kind are we buying every day right now? One, maybe not even one. So this leaves us with a handful or ads to be served to us per week or per month, with the assumption of an omniscient ad server that knows what we will buy. We're still not there. Luckily, I'd say.

Then there is the malware thing: they don't care to send us ads we want to consume, they just send as many ads as they can to maximize the infection rate.

Hmm I think you've missed my point (or perhaps my point was poorly stated).

The point is that serving up sidebar/header/pop-up ads is no longer effective because these forms of advertising are intrusive and subject to blocking.

What seems to be effective is the "sponsored content" or "native advertising" model whereby ads are served in a form that mimics desirable content. The crucial point here is that the advertisement is useful and relevant to the consumer, and so is not interpreted as an interruption or distraction. Moreover, these ads don't tend to carry malware because they're media produced by the media company in question, often hosted on the same domain.

This is a model that presently works. My point is that ad-blockers block obsolete ads, whose monetization is increasingly malware-driven, precisely because the content is no longer relevant to consumers.

Ok, I got it now. Sponsored content has been done on the web, explicitly or not. I agree that it is less annoying than ads. It probably doesn't scale as well because it must be customized for every site. Current ads are the same for everybody.
This is it. Buzzfeed can afford to not use display advertising and instead use native advertising for all their revenue, but because they have massive sales and advertorial teams.

But because everyone feels entitled they have a unique story to tell and want to start up their own media property, we have ad networks they can use to make money to try and fund it.

I'd argue that it scales well, albeit not as well. Articles, for instance, don't take much effort or money to produce. The trick is to segment your population into clusters and write articles targeting relevant clusters.

Write once; serve many times.

Native advertising is also scummy and often bordeline illegal. Where I live ads have to be clearly distinguishable from other content, and the native ads which are often in the form of feature articles with some slightly different background color etc., are often found not to be, resulting in fines.

I just want print ads online. I want them to be simple, static, non-trackable and non-targeted ads that clearly stand out from the rest of the content. Targeted ads should be limited to showing boat ads on a boat site, or golf gear ads on a golf magazine site.

Sites with a broader audience must simply accept that just like in print they are forced to show broad brand building ads.

>Native advertising is also scummy and often bordeline illegal

True, but in a very different way. Native ads don't serve malware and assault your senses.

Any website that blocks me for using an ad-blocker will never see my eyes again. End of discussion.
"Here's the thing about anti-virus. We use viruses to pay our talented journalists, editors and many other staff. When you browse our site without anti-virus it means we can't pay out staff and keep making articles you love. Please disable your anti-virus to continue."
I started work on a simple Chrome plugin for myself with hardcoded urls I want redacted from my internet experience. It takes a regex pattern and a css rule and applies the css rule to the first visible element containing the pattern in text or attributes. When I have it running, my screen looks like this [1]. Unfortunatley, I can't get Chrome to STFU about disabling developer mode every time I open it so I don't use it right now. Here's code if anyone is interested [2]

[1] http://imgur.com/9HXNIcD [2] https://gist.github.com/anonymous/ce893a061d5dbd611f064e9554...

Also, let's not forget performance. Many ads make pages take forever to load and sometimes even crash.
> ..sometimes even crash

I don't think this is the case. Either way you might get one crash per millions of loaded ads. Making this argument just silly.

Not sure if you write software or not but crashes are more or less expected, just keep them below X% and it's "ok".

I'm not sure I agree. Depending on how we define 'crash', I've certainly seen ads render pages unusable or prevent my access to content. Infinite request loops, script crashes that take down desired video content, improper loading covering content, and more.

The obvious example would be sites with mediocre mobile pages fighting to serve ads. It's pretty standard to hit broken redirects, script issues, and all sorts of other crash-like behaviors visiting those.

(comment deleted)
The title is clickbait. It should be changed to mention the security benefits of adblockers.
Obligatory uBlock Origin[1] plug with a recommendation to run it in "medium mode"[2] which offers the best bang for your buck (i.e. the most that can be blocked with the least amount of effort from the user). Dynamic filtering is extremely easy to use in this mode and gives such a huge payoff in terms of what it can protect you from vs just using filter lists.

[1] https://github.com/gorhill/uBlock#installation

[2] https://github.com/gorhill/uBlock/wiki/Blocking-mode:-medium...

Ad blockers is a misnomer. They are HTML firewalls.
Dammit, the title is clickbait and I clicked on it. I feel dirty.
Dammit, the title is clickbait and I clicked on it. I feel dirty.
This article is built around the same logic as saying you shouldn't drive a car because you'll end up in an accident, and that not driving is the only option.

Ad serving has problems, but you can't invalidate the claims that media companies need to make revenue by saying you want to minimize risks.

This is the thinking of people in the media industry (I know, I work there). Thats there's only two options: have the scummy ads we have now, or have none at all and media orgs die.

But no one seems to talk about the middleground - ad serving done responsibly. I'm fine with ads, as they're performant and don't abuse my computer.

Advertising is not intrinsic to media content, it's one possible revenue model.

The metaphor isn't to driving a car, it's traveling from A to B. Which means that it's the false dichotomy that self-driving cars and mass transit are trying to break.

I pay for NYT access. If they block me because I block ads, then I'm leaving. These people do nothing to ensure the security of the ad networks they use. I'm not an expert or have any contact with that industry, but my impression is that at best the idea of security is an unacceptable cost.
"These people" and "nothing" was ignorant and harsh. Apologies to any white hat developers involved in these things.