
What media companies don’t want you to know about ad blockers - CaptainZapp
http://www.cjr.org/opinion/ad_blockers_malware_new_york_times.php
======
Puts
It's strange that the most simple and elegant solution to ad-blocking, self
hosted ads are not considered by anyone. Magazines and papers have always done
this in print. Yes there is overhead, because you have to handle the content
manually and it's hard, even tough not impossible to measure impressions. But
with print it's always been this way and now the media industry wants to both
have the cake and eat it, because they don't want to handle ads but they want
the revenue.

And maybe I should clarify, how does self-hosted ads solve the problem?

\- It's hard to block ads on the same domain as the main content.

\- Just loading an image with an ad is not as much of an performance hit as
javascript loaded tracking ads and thus should not annoy users as much.

\- More secure, because you can not hack one single ad service and distribute
mallware to thousands of sites. Besides, the solution is less complex, and
complexity always leads to bad security.

~~~
chx
Ah, my naive friend. How can an advertiser know it's not being shortcharged?
Having a "neutral" third party helps here.

~~~
distances
The same way it works with newspapers, I'd say. Check that it is there when
you expect it to be there.

~~~
danielhughes
Even with newspapers advertisers don't simply accept the circulation numbers
that the publishers report. They pay third parties to provide independent
numbers. It's not just about whether the ad appears but rather knowing how
many people saw it.

~~~
hawski
So maybe there could be 3rd party company to check such things. Also ads could
be sold at auction. I.e. auction for 24h display of ad in header from $1 on
some news site.

~~~
cmdrfred
Actually that's not a bad idea. Why not hit the site that the ad's are
reportedly on from some IP addresses unknown to the ad provider. Do this over
and over again until you have enough data to assume that say 1/5th of
impressions are you then compare that to a neutral 3rd party source (Google
Analytics comes to mind) of the total hits for that day. 5000 hits / 1/5 of
those are impressions of your ad = 1000 impressions. Compare this to the
numbers provided by the ad provider itself. All you'd need to do is spot check
and it should keep everyone honest. I'm surprised people don't do this
already.

------
ryuuchin
Obligatory uBlock Origin[1] plug with a recommendation to run it in "medium
mode"[2] which offers the best bang for your buck (i.e. the most that can be
blocked with the least amount of effort from the user). Dynamic filtering is
extremely easy to use in this mode and gives such a huge payoff in terms of
what it can protect you from vs just using filter lists.

[1]
[https://github.com/gorhill/uBlock#installation](https://github.com/gorhill/uBlock#installation)

[2] [https://github.com/gorhill/uBlock/wiki/Blocking-
mode:-medium...](https://github.com/gorhill/uBlock/wiki/Blocking-mode:-medium-
mode)

------
anilgulecha
Yes, ads are too big a vector for malware to ignore, so turning on ad-blocking
is non-negotiable.

That being given, the only alternative for NYT and friends is for subscription
which they don't have the taste for, since it gives them the true value of
their journalism.

The difference in this true value, and older ad-based value: their take from
the revenue-sharing agreement with malware-creators. We just got better with
dealing with malware, and their malware based revenue took a hit.

------
omginternets
Every time this debate pops up, I find myself asking the same question: why
aren't media companies creating ads I _want_ to consume?

This is a trick question: they are. It's called native advertising.

Ad blockers block the scummy ads. It's still possible to make a living by
serving ads, but it implies that one can't be lazy in his monetization
strategy.

~~~
alkonaut
Native advertising is also scummy and often bordeline illegal. Where I live
ads have to be clearly distinguishable from other content, and the native ads
which are often in the form of feature articles with some slightly different
background color etc., are often found not to be, resulting in fines.

I just want print ads online. I want them to be simple, static, non-trackable
and non-targeted ads that clearly stand out from the rest of the content.
Targeted ads should be limited to showing boat ads on a boat site, or golf
gear ads on a golf magazine site.

Sites with a broader audience must simply accept that just like in print they
are forced to show broad brand building ads.

~~~
omginternets
>Native advertising is also scummy and often bordeline illegal

True, but in a very different way. Native ads don't serve malware and assault
your senses.

------
uptownJimmy
Any website that blocks me for using an ad-blocker will never see my eyes
again. End of discussion.

~~~
proactivesvcs
"Here's the thing about anti-virus. We use viruses to pay our talented
journalists, editors and many other staff. When you browse our site without
anti-virus it means we can't pay out staff and keep making articles you love.
Please disable your anti-virus to continue."

------
msravi
Looks like Indian newspapers are ganging up on their readers to force then to
turn off adblockers. Goodbye, TimesOfIndia and HindustanTimes!

[https://news.ycombinator.com/item?id=12007472](https://news.ycombinator.com/item?id=12007472)

Clicking on an article in timesofindia takes you to this:

[http://timesofindia.indiatimes.com/blocked.cms](http://timesofindia.indiatimes.com/blocked.cms)

~~~
corobo
How do they manage that? I imagine they'd use JS to check if the ad loaded
maybe, can it be beat by just disabling JS entirely for that site?

~~~
msravi
Yes, it can. In uMatrix:

hindustantimes.com www.hindustantimes.com script block

indiatimes.com timesofindia.indiatimes.com script block

lets you get past the blocker.

------
wildpeaks
Subscriptions instead of ads do still work depending on the newspaper.

See "Canard PC" who successfully funded an ads-free web version of its paper
magazine (the kickstarter is even finishing today):

[https://www.kickstarter.com/projects/canardpc/canard-pc-
onli...](https://www.kickstarter.com/projects/canardpc/canard-pc-online)

------
billpg
I installed flash/java blockers when I was worried about vulnerabilities in
those plug-ins, later removing those plug-ins entirely.

You should not install an ad-blocker if you really want a flash/java blocker.
You'll still be vulnerable.

(Yes, there have been vulnerabilities in JS et al too, but blocking JS is a
very different proposition.)

~~~
distances
I selectively block JS, with uMatrix. I allow 1st party scripts by default,
and block all else by default.

Yes it's a bit tedious to enable domains when something breaks, but I'm
actually fine with that. Would of course not recommend this to just anyone.

------
a3n
I pay for NYT access. If they block me because I block ads, then I'm leaving.
These people do _nothing_ to ensure the security of the ad networks they use.
I'm not an expert or have any contact with that industry, but my impression is
that _at best_ the idea of security is an unacceptable cost.

~~~
a3n
"These people" and "nothing" was ignorant and harsh. Apologies to any white
hat developers involved in these things.

------
nalllar
The title is clickbait. It should be changed to mention the security benefits
of adblockers.

------
56k
Also, let's not forget performance. Many ads make pages take forever to load
and sometimes even crash.

~~~
wingerlang
> ..sometimes even crash

I don't think this is the case. Either way you might get one crash per
millions of loaded ads. Making this argument just silly.

Not sure if you write software or not but crashes are more or less expected,
just keep them below X% and it's "ok".

~~~
Bartweiss
I'm not sure I agree. Depending on how we define 'crash', I've certainly seen
ads render pages unusable or prevent my access to content. Infinite request
loops, script crashes that take down desired video content, improper loading
covering content, and more.

The obvious example would be sites with mediocre mobile pages fighting to
serve ads. It's pretty standard to hit broken redirects, script issues, and
all sorts of other crash-like behaviors visiting those.

------
hellofunk
So many sites now won't serve you content unless you turn off the ad-blocker.
I have done so for those sites, but now I'm thinking of just boycotting those
sites. CBS News is one of them, and I think it is a bit insulting to tell
users not to protect their computer when they visit your website.

~~~
waterphone
Blocking them entirely is fair, and I do so in many cases to avoid
accidentally going there anymore, but you can also use uBlock Origin as your
adblocker and turn on the Adblock Warning Removal List and Anti-Adblock Killer
filter lists, which will eliminate most of these ridiculous scripts. Sometimes
so many sites in a short time add those adblocker-blocker scripts that it
takes a little time for the lists to catch up, but overall it does such a good
job that when people started complaining about such things earlier this year I
had no idea what they were talking about because it had invisibly blocked
everything for me so far.

~~~
hellofunk
Great tip about uBlock Origin. I am using ABP and it didn't do that, but now
both are running together, actually. What's strange is that the number of ads
they claim to block is different with each.

~~~
waterphone
They have different filter lists and can both be further customized as well,
so it's not surprising that they block different things.

------
kempe
Security but also readability is why I use addblocker. Sites I like that does
not interfererar too much with adds, then I turn addblocker off for that site.
However, way too many sties gets unreadable and are annoying to go to because
of how adds are used and thus addblocker is very nice.

~~~
Klathmon
I know this is an unpopular opinion, but what makes you different from someone
that walks out of cabs without paying because "cab drivers are dangerous and
it's inconvenient to have to pay after i'm at my location"?

~~~
lmm
The custom and practice of the web has always been that publicly accessible
pages are served without payment, and the user agent (maybe a browser, maybe a
script, maybe a screenreader, maybe something else) is entitled to render a
page in any way or none - users might have custom stylesheets, might or might
not have support for certain elements or formats. When you put content on the
web that's what you sign up for.

~~~
madeofpalk
> entitled

I don't think this is the correct word (and it definitely enforces publishers
negative preconceived notions), but they can't be relying on an untrusted
party (browsers) to enforce their business model.

As you put it, the nature of the internet is that user agents _are able to_
render it however they wish.

------
wiz21c
ads are just a too complicated way of making money. if they want money for
their stuff, then they should remove the adds, put a nice big pay wall and
voilà.

"No one who refuses to contribute to the creation of high quality journalism
has the right to consume it.”

I'll pay or not. But I won't have to fight an arm race anymore.

Or maybe the guy is lying : he wants a very particular kind of "contribution"
to his journalism. Maybe a contribution in terms of tracking, personal
information, etc...

~~~
pgwhalen
I think any media provider out there would prefer a subscription model - it's
just so much simpler. Unfortunately people just aren't paying for it as much
as they need to.

~~~
Klathmon
I don't want to pay for everything.

I already shell out over $50 a month for various subscriptions. For my less
common websites, I'd rather "pay" by viewing ads. (And I refuse to just steal
the content. If the ads are too much, then don't use the site. IMO you don't
get to choose if you pay for something based on how much you like it...)

And the people on HN and reddit that announce to the world that ads shouldn't
exist and anything that uses ads is a terrible thing seem crazy to me.

I'm a happy ad viewer. It keeps the content free and the creators paid. If you
asked people whether they want to pay for something or view ads, the answer
will be ads in the vast majority of cases.

And dispite all the talk of malware in ads, I've never seen it. I'm sure it
exists, but until I begin to see it in my own experience or hear from friends
and family about it, I'm going to keep enjoying ads as a monetization method.

~~~
coldpie
> (And I refuse to just steal the content. If the ads are too much, then don't
> use the site. IMO you don't get to choose if you pay for something based on
> how much you like it...)

Genuinely asking: how do you keep track of this? Do you add bad sites to some
domain blacklist? How do you protect yourself from e.g. ads that auto-play
audio, or take over control of the website for a period of time, or redirect
to the app store on mobile?

~~~
Klathmon
If a website has misbehaving ads, ads I consider over the top, or are known to
distribute malware ads consistently to the point where I don't feel safe, I
stop going to that website.

If it ever gets to the point that I can't remember which sites I don't want to
visit i'll probably add some kind of blocklist, but that hasn't been a problem
yet.

The only site I can think of off the top of my head that I don't visit any
more is the verge. It's just too much, and the experience isn't worth the
content (and for them it's not so much the ads, but just that the site is so
heavy and slow. The ads did contribute to my decision though, they are full-
page and expand down and everything terrible about ads). There are more, but I
honestly can't think of them right now...

~~~
coldpie
So if you run across an ad that plays audio or redirects to the app store, you
just put up with it and hope it doesn't happen again? I hope you can at least
understand why others may want a more robust solution to guarantee that never
happens.

~~~
Klathmon
I honestly haven't hit either of those, so it might be my own little bubble
here is why I feel this way. I hear about them a lot when talking about
advertising, but I've never seen them personally.

But if I did get an audio ad, or a redirect ad, and they were consistent
enough that it became a problem, i'd stop using that site.

I mean, on a scale of bad things, having an audio ad play once isn't really
all that high up the ladder. Yeah, it's not ideal, and it shouldn't happen,
and if it happens a few times i'm going to stop going there, but it's a sound
on a website. Removing an entire chunk of income from a news website because
I'm afraid of hearing an audio ad (something most trustworthy sites also don't
want in their ads) seems over the top.

------
anotherevan
Ad blockers is a misnomer. They are HTML firewalls.

------
zapt02
This article is built around the same logic as saying you shouldn't drive a
car because you'll end up in an accident, and that not driving is the only
option.

Ad serving has problems, but you can't invalidate the claims that media
companies need to make revenue by saying you want to minimize risks.

~~~
madeofpalk
This is the thinking of people in the media industry (I know, I work there).
Thats there's only two options: have the scummy ads we have now, or have none
at all and media orgs die.

But no one seems to talk about the middleground - ad serving done responsibly.
I'm fine with ads, as they're performant and don't abuse my computer.

------
taneq
Dammit, the title is clickbait and I clicked on it. I feel dirty.

------
massysett
NY Times guy is still justified. No, his company should not serve malware. But
if I get malware and it hijacks my machine, that means my browser and machine
were both insecure. An ad blocker seems to me to be a bizarre way to make up
for an insecure browser.

People get this odd vehement behavior when told that companies that depend on
ads won't like it if you block their ads. The grown up thing to do would be to
stop using these companies if you dislike their stance against your ad
blocker. Instead there is this childish whining, as though people are entitled
to free news without ads.

~~~
pmontra
Your computer is insecure. Mine too. Even if we applied every single patch
from your OS vendor and application vendors we're left with the undisclosed
vulnerabilities sold by black hats to malware writers. The ad blocker is a
prevention system to limit the exposure of out computers to attacks.

There isn't a list of sites serving ads that carry malware so we have to block
everybody, sorry for them all. If there were a blacklist of notorious malware
carriers, much like the one for spammers, we could use it to mount a blockade.
Maybe it's really the right thing to do. I'm afraid it will include most of
the news sites.

~~~
NoGravitas
Every time someone posts something like the parent comment, I just assume
they're using Urbit or TempleOS and move on.

