
AdNauseam: Fight Back Against Advertising Networks and Privacy Abuse - deletia
https://github.com/dhowe/AdNauseam
======
megous
I approach this differently. There are a few use cases I go to the web for.
For each use case that is not a free browsing I create an electron app, that
never executes any code from the web or uses any external style. It only uses
XHR to fetch html pages/json data/other static stuff and then transforms that
data and uses it in the custom UI designed for the use case.

For example one use case is collection of news. My app looks almost like a
typical RSS feed reader, except that article content is full and interactive.
I can inline stupid image galleries that break article flow, I can convert
custom video players into a simple <video> tag, I can drop what I don't care
for. I can switch between tor/non-tor mode in a secure way that doesn't leak
anything and is probably more secure than torbrowser.

I have direct access to any OS programs, so I can easily open m3u8 videos in
mpv player on one click or using a keyboard shortcut, or I can download
streaming videos locally and convert them to mp4 on the fly, save useful
content of the pages to the database, including relevant images, etc.

All JS code is controlled by me, web servers serve me only as data sources.

What is key to make this fun and useful is structuring the app as a unified UI
for multiple data sources and to be able to define data sources quickly.
Fortunately ES6 generators can be used in a way that makes fetching and
transforming data without the need for callbacks, or promises very easy and
clear. Adding a new source is usually a matter of minutes.

It is also nice that when improving the UI, I get a new feature for all the
websites that I frequent at once.

It allows me to consume content the way I want, without much exposure to
tracking. All the website gets from me is an access_log entry, no cookies,
nothing.

I'd say I'm quite ahead of the "war" between users and advertising networks.

~~~
hxegon
Do you have a repo up with the code?

~~~
TeMPOraL
Seconding. I totally want to start doing this myself.

That, and finally write a decent Hacker News suite for Emacs.

~~~
PudgePacket
Browsing HN with the built in web browser is surprisingly nice due to HN's
simple structure.

------
WhitneyLand
I'm out on this.

1\. They say it's legally not click fraud. To me it sounds like regular fraud:
"deception to secure unfair or unlawful gain, or to deprive a victim of a
legal right". I'm not concerned with breaking the law I just don't want to act
in the spirit of it.

2\. This could hurt small startups that are very carefully managing an ad
budget. They say the market will adjust, but until it does small startups take
a hit. People we know.

3\. I dislike activism without clear objectives. I see no list of guidelines
here or good behavior that companies could adopt to immediately place them on
the side of the good guys.

~~~
Sir_Substance
>3\. I dislike activism without clear objectives. I see no list of guidelines
here or good behavior that companies could adopt to immediately place them on
the side of the good guys.

The goal highly specific. It is to make Internet advertising artificially
expensive, and it is to make harvested data about users inaccurate.

There are no "good guys" on the other side. People shouldn't track me, that
one's obvious, but they also shouldn't advertise at me, ever.

Human attention is extremely valuable, by far the most expensive commodity on
the planet. If advertising companies want my attention so damn bad, they can
pay me ~$65000 a year for it, same as my employer does. Otherwise, they can
piss off.

~~~
sanswork
It's not like the ads just appear while you're sitting around doing nothing.
You see the ads when you are receiving something with them. The ad companies
are paying for your attention with the content you consume.

~~~
Sir_Substance
My attention is more valuable than that. It's /my/ attention, I get to set the
price, and I don't accept their offer. They're welcome to block me from their
websites, if they feel that's not acceptable.

~~~
sanswork
You set the price when you consume the content that you know is funded with
ads.

It is your attention which you are agreeing to trade for information or
entertainment.

>They're welcome to block me from their websites, if they feel that's not
acceptable.

This is more commonly happening now. Then we all have to deal with people
complaining about that. Taking up /my/ attention which they are refusing to
pay for. Pay me for reading your posts.

~~~
Sir_Substance
>You set the price when you consume the content that you know is funded with
ads.

You're objectively wrong. If that were the case, I would be blocked from
accessing the content without "paying the price".

The situation is instead clearly analogous to a "pay what you feel it is
worth" model.

The creators of the content allow anyone to view it, regardless of whether
they run an ad blocker or not. Sometimes, they place alternative content where
the ads would be, requesting that I disable my ad blocker, or like them on
facebook as an alternative.

I think the "recommended price" of this "pay what you feel it is worth" model,
which is usually watching advertising and allowing myself to be tracked, is
too high.

I have once or twice directly sent the creator $5-10, when they offered a
payment method that didn't require a paypal account. If it's good content,
that's pretty reasonable. Dans Data[1] /is/ good content, even if it's getting
a bit dated these days.

[1] [http://www.dansdata.com](http://www.dansdata.com)

~~~
sanswork
Content creators have gone with not blocking blockers up until now because
it's not an issue. As it becomes more of an issue you start seeing more and
more anti-blocking scripts.

Once or twice in all your years online you have agreed to an alternate funding
method and you think that is sustainable for content creators?

You can make a lot of arguments for ad blocking. I ad block because it slows
my computer down. Making the claim that you ad block because your attention is
more valuable though is a joke.

~~~
literallycancer
You can think it's a joke, but I agree with parent completely. Ultimately, it
doesn't really matter, since I get to choose what runs on my hardware, and I
choose not to see ads.

Whether something is sustainable for content creators is not the users'
concern, you don't go around worrying whether Walmart can make profit, why do
you worry whether a random internet blogger can?

~~~
chc
I don't steal from or scam stores even if I can get away with it, because
while I don't deep-down care if they make a profit, I do feel it's wrong to
cheat them out of it. If I want what a store is offering, I feel like I should
deal with them fairly. If I don't want it, I just don't patronize the store.

~~~
sintaxi
My program (Browser) can ask their program (Server) do things. It may deny ANY
request it wishes based on ANY criteria that THEY get to set. Their program is
under no obligation to do anything my program asks.

Their program (Server) may ask my program (Browser) to do things and my
program may deny ANY request based on ANY criteria that I get to set. My
program is under no obligation to do anything their program asks.

This is all perfectly reasonable and fair.

~~~
chc
Given the same premises, you can prove invasive tracking to be "reasonable and
fair." I mean, they're just using information you sent them, right? In fact,
it's not right, because this deliberately blinkered view of the interaction
misses a lot of important details.

------
1propionyl
Good. I'm done being nice to advertisers.

They are actively poisoning the internet in more ways than one.

They had their chance to work out better ways to advertise, and they instead
redoubled assaults on attention.

This is getting installed on all of my browsers on all of my PCs. If your
startup is advertising based, find a different model, or do without my
business. I have no obligation to help you fund yourself or use your product
if I find the monetization model insidious.

~~~
gfody
clicking all the advertisers links seems like an awfully nice thing to do for
them, assuming they're paid per click

~~~
TeMPOraL
It _may_ seem nice at the beginning, but as you saturate the service with fake
clicks, the PPC value will drop to near-zero.

~~~
tomc1985
Some keywords are so competitive that they have PPC rates that are close to
$100 PER CLICK

For example, anything related to pyramid schemes like Xango, Avon, etc.
Keyword space is SUPER competitive for "indenependent distributors" and so
their PPC rates are through the roof

~~~
TeMPOraL
MLMs seem like one of the best target for indiscriminate application of
AdNauseam, for more than one reason.

------
ljoshua
I dislike ads as much as the next person (and indeed run uBlock on nearly
every site), but I'd feel wrong using this because of the cost to the
advertisers. It would be further lining the pockets of ad networks while
increasing expenses for, at least in some cases, legitimate businesses. Sure,
it's a bit of fighting fire with fire, but I'd rather not be an unnecessary
expense for someone in my fight against intrusive ads.

~~~
eli
Advertisers will just lower their bids, so it mostly hurts the publishers of
the websites you visit.

~~~
amelius
> Advertisers will just lower their bids, so it mostly hurts the publishers of
> the websites you visit.

... who will then have to revert to a more sane monetization scheme, which
doesn't mess with their visitors' data.

~~~
eli
I understand where you're coming from, but this seems an awfully aggressive
way to send that message to websites that you presumably like and find useful.
Merely blocking ads isn't enough?

~~~
CaptSpify
There have already been multiple attempts at allowing acceptable, quality ads.
Nobody played along. Subtle didn't cut it, so now we're escalating to
aggressive.

Advertisers had their chance and they blew it. No sympathy from me

------
chokma
Hm...

From the perspective of the ad network:

Lower click quality drives up the merchant's cost of sale (COS). Sitting
between the merchant and the publisher, the ad network tries to balance this
out, by

    
    
      - mixing good and bad traffic sources
      - encouraging the merchant to spend more money 
        so they can buy better traffic and/or rank the offers higher on their publisher's sites
      - punishing the publisher for sending bad traffic by lowering the amount the publisher is paid for each click
      - filtering out extraordinarily bad traffic
    

AdNauseam will increase the amount of bad traffic. Merchants have to pay more
money to get their ads through to those people who do not create fraudulent
clicks. Publishers will receive less money per click. Ad networks will try
harder to invade your privacy(1) so they can get more comprehensive data about
those people who are worthy to be targeted. Startups which promise to detect
fake traffic will get a boost. Companies which manage advertising via social
influencers or in-game mobile ads etc cannot care less.

I do not see the direct benefit of this for the end user...

(1) for example by paying more money to antivirus providers to send your
browsing habits their way.

edit: formatting

~~~
TeMPOraL
> _I do not see the direct benefit of this for the end user..._

The hope is that publishers will understand _why_ they're getting hit by the
collateral of the fake-click barrage and move out of the blast range by
changing their ads into unobtrusive ones, or even moving away from ads
entirely into models like:

\- treating your webpage as an investment

\- sponsorship / patronage

\- subscriptions

\- paywalls

Additional hope is that the whole ad industry finally implodes.

~~~
deadbunny
How naïve. You think the entire advertising industry is going to throw their
hand up and say "Hey, you got us. We'll just cave to your demand and
drastically reduce our profits"?

This will just be another volley in the ever escalating ad arms race.

~~~
rdw
It creates opportunity for disruption. The established players see their costs
go up and effectiveness go down. A new player comes in who has non-obtrusive
ads, and sees outsized success. Everyone else either dies off or fast-follows.

I'm curious how The Deck is doing these days, seemed like they could have been
that player.

~~~
deadbunny
So lets imagine somehow beyond all odds this doesn't result in escalation and
actually has the effect you describe;

How does AdNuseum detect the good from the bad?

How does a "good" advertiser submit themselves to some kind of whitelist?

How does AdNuseum verify the advertisers claims?

~~~
TeMPOraL
> _How does AdNuseum detect the good from the bad?_

It doesn't. Or it gets evolved until it does, but there's no incentive to do
that while there are very little "good" ads.

> _How does a "good" advertiser submit themselves to some kind of whitelist?_

They don't, that's the point. As AdNauseam currently works, there are no
_good_ advertisers, and for now it's a good enough heuristic. Any ad with an
active component is a legitimate target.

> _How does AdNuseum verify the advertisers claims?_

It doesn't. It does not care.

------
hidden_forest
I block all ads, tracking, beacons, etc. because they are now the single
largest vector for malware.

I use Firefox largely because it's the most hackable browser. I tweak Firefox
to do and not do several things:

\- I don't allow sites to see my history \- I don't allow peerconnect \- I
don't allow WebRTC (shows private address schemas) \- I don't allow much JS \-
I don't allow fingerprinting beyond pure basics \- I don't allow HTTP/S
referrer

I do block everything not associated with the pure content of the page. This
is getting more difficult, but the tools to help are keeping pace.

~~~
_tulpa
Would you mind elaborating on the tools you use?

~~~
hidden_forest
Sorry for the delay in answering your question. I don't use anything
elaborate.

I use the following Firefox addons:

\- uBlock Origin

\- Disconnect

\- Decentraleyes

\- Webmail Ad Blocker

I make the following changes in Firefox's about:config:

layout.css.visited_links_enabled (Toggle to false)

media.peerconnection.enabled (Toggle to false)

network.prefetch-next (Toggle to false)

network.http.sendRefererHeader (Set to 0 (zero))

network.http.sendSecureXSiteReferer (Set to false)

I also sometimes set dom storage to false, but this can sometimes interfere
with some webmail clients.

If you're unsure of a setting, reference the Mozilla KB:
[http://kb.mozillazine.org/About:config_entries](http://kb.mozillazine.org/About:config_entries)

------
phyller
At first I thought this was a great idea, but then I thought about it more. I
think this is the digital equivalent of an angry mob throwing bricks through
windows. We aren't doing any good, just destroying the community we live in.
What would it be like if all the content creators that are incentivized by ad
revenue lost their revenue? And we lost their content? I don't like being
placed into an artificial bubble of customized content by tracking services,
but i don't think this is the solution.

~~~
rdw
False dichotomy. There is a third alternative: a non-abusive advertising model
takes over the industry.

It's certainly plausible. All pre-internet advertising avoided tracking of
individuals. There exist even now advertising agencies that cannot possibly
serve up malware to their customers. Arguably Google achieved its great
success by being a less-abusive advertising platform in its day.

~~~
phyller
What advertising model are you suggesting? Perhaps it could be added to the
Readme on the repo to help point advertisers in the right direction.

------
mikestew
As someone in another, related, thread said: AdNauseum users will account for
X% of clicks, and advertisers/publishers will simply take clicks - X% to get
the real number, and we're back to where we started. (EDIT: credit where
credit is due:
[https://news.ycombinator.com/item?id=13221653](https://news.ycombinator.com/item?id=13221653))

~~~
sanbor
It would take a while for the ad industry to adapt to that. Also there might
be technical limitations.

~~~
ma2rten
I was the one who made the original comment. The ad industry does not have to
adopt at all, because they use a bidding system. Just advertisers have to
adopt by bidding less. Sophisticated advertisers will automatically do that
because they keep track of conversions.

~~~
mcbits
Maybe an auto-clicker could use ABP's acceptable ads filter to focus on
reducing the effectiveness of "unacceptable" ads. (But the ad networks are
just going to figure out how to detect the clicks and mark them fraudulent
anyway.)

------
have_faith
If I'm already blocking the ads and their tracking scripts, why would I let it
load them first, 'click' them and then block them afterwards?

Doesn't it just re-open the attack vector?

~~~
jalfresi
I'd love for this to be inside some kind of proxy server - stripping ads for
my browsing whilst simultaneously clicking every one of them under a fake
profile of some kind...

------
Balgair
Ok, so I may or may not have actually used this extension in the past (I may
or may not be really vague as I don't really understand if this is legally
fraud). The extension may or may not suck really bad. It may or may not lock
up your browser when it clicks all the ads on a site. It may or may not 'work'
at all in conjunction with TrackMeNot (a similar extension that flak-cannons
trackers) and BSOD your laptop all the frickin time. I may or may not have
uninstalled the extension within a hour due to how bad things got.

I think it's a fun concept, but the implementation of it may or may not be
something that you want to fight with for less than a day before swearing it
off. It's possibly so bad that I think it may have been written in order to
turn people off from this 'attack' towards trackers as it may or may not
remind one of the repulsion that rotten milk has upon first sniff.

~~~
davidgerard
Don't worry! I've been using it all today and so far it's had none of the bad
effects you describe whatsoever. I plan to continue using it.

It does actually let through ads uBO doesn't (though it embeds uBO and uses
the same filter lists), but nothing I can't live with. Doing my bit to make
Internet advertisers' lives that little bit more miserable is pretty much an
ethical obligation at this stage.

The FAQ does say only to run it if you know what you're doing. But I think
anyone who reads HN will have no problems whatsoever in running this
extension. If they do, the code's right there.

------
gcb0
this is so crazy it might work.

Automatically sending the click beacon for every blocked ad will increase
advertising costs but it will also increase vendor profits, motivating them to
add even more ads.

Until the 3rd party click validators start to filter out clicks generated by
this somehow. And then we will have yet another arms-race besides the
adblockers one.

~~~
lotsoflumens
We are all going to need a lot more bandwidth!

~~~
gcb0
bandwidth nowadays is a given. the only problem now is latency. but we don't
care about that for background stuff.

~~~
lotsoflumens
So true! Latency may be very difficult to reduce given our reliance on the
internet protocol.

------
siegecraft
I feel like this would be better if it didn't click every ad, but had some
sort of method (even if it was random) to pick ads.

~~~
douche
Seems like it'd be easy enough to slap in there

[https://github.com/dhowe/AdNauseam/blob/master/src/js/adn/co...](https://github.com/dhowe/AdNauseam/blob/master/src/js/adn/core.js)

------
Animats
I'd considered doing that in Ad Limiter, but didn't want the headaches. I was
considering replying to all ad links from an add-on to see where they ended up
after redirection, so the final destination site could be rated properly. But
the bandwidth usage is excessive.

I should try sending HEAD requests to ad servers, to see if they return a
redirect. No idea what the ad brokerage systems will do with those.

------
lqdc13
Worst case is if this leads to "sponsored stories" where an article is about
one thing and they sneak an infomercial in there for ad revenue but in a very
subtle way such that it doesn't name a product even.

Effectively, this would make it impossible to tell ads from not-ads leading to
a much worse experience for everyone.

~~~
belorn
Which ever publisher that do so hopefully live in a country which doesn't have
advertisement laws (and tax laws, if they try to be sneaky with the source of
this new revenue). There is currently several cases in Sweden, and I heard
similar tales in several other countries including the U.S.

I would say that for once, the law is actually catching up with Internet
activity that would clearly be illegal if done on a physical paper.

~~~
lqdc13
How can it possibly be illegal? I can understand if it's a public newspaper,
but private media companies can do whatever they want.

Like are you going to fine a movie studio for having an actor in a movie
drinking Coca-Cola or driving a Volvo?

Which specific laws are banning this practice in Sweden for private entities?

~~~
belorn
> are you going to fine a movie studio for having an actor in a movie drinking
> Coca-Cola or driving a Volvo?

Just a few months ago a case was started in Sweden based on such situation.
The movie studio got hit by breach of contract by the publisher along with
charges of illegal advertisement.

> Which specific laws are banning this practice in Sweden for private
> entities?

Marknadsföringslagen (2008:486) is the primary source for laws that regulate
advertisement for private entities, however there is actually more. The
European Advertising Standards Alliance has a local representation called
Reklamombudsmannen, which is a self-regulating entity for advertisement. This
one has some support by law, and some support by other means such as black-
lists, and can issue fines. Last there is also the International Chamber of
Commerce. Publishers in any form of media can also loose the right to publish,
which is an automatic granted right which the court can take away. Since TV
and radio is attached to spectrum allocation, there is also additional
conditions on them in regard to advertisement (which is the reason why the
movie studio got hit by a breach of contract in the above case).

------
xwvvvvwx
From a privacy perspective, is there a difference between never clicking an ad
and clicking all the ads?

------
hughes
I like to fight against invasive ads by using Google Contributor, which
prevents Google-based ad networks from even serving me the content. That way,
the sites I use are still supported and I am seemingly protected.

Only costs me a couple bucks a month too.

------
CaptSpify
Hm... The element picker doesn't seem to work, and the default color-scheme is
horrible. I don't see any way to change that. I like the premise though.
Hopefully it will improve with time.

~~~
davidgerard
This is literally a link to the code :-)

------
elorant
I don’t like this. While I strongly oppose tracking and have a variety of
privacy extensions installed on my browser, clicking on ads is simply wrong.
Someone will have to pay for those clicks. Not to mention that if something
like this gets wide adoption then it will make click fraud detection even
harder. A bunch of browser sessions randomly clicking on ads will have no
difference from a bot doing the same thing.

~~~
criddell
> Someone will have to pay for those clicks. Not to mention that if something
> like this gets wide adoption then it will make click fraud detection even
> harder. A bunch of browser sessions randomly clicking on ads will have no
> difference from a bot doing the same thing.

I believe that's the point of it.

------
cyborgx7
How am I just now learning about this? Been looking for something that does
this for a long time. Will start using today.

------
gfody
They say it silently clicks all the ads in the background - doesn't that just
help them? They want clicks right? Obviously the customer wants legitimate
leads but the advertiser the guy we hate doesn't care if the clicks are legit
or not. For him the more clicks the better, no?

~~~
toby
By "advertiser guy we hate" you mean the publisher? The one who built the page
you went to?

~~~
gfody
Well yeah, but we don't literally hate him, we just hate that he's using
invasive ads right?

------
hellbanner
So these click the ads presented to the user -- from their IP, so the user is
still identified?

------
mirimir
This is rather cool. But you still download ads, which wastes bandwidth. I
wonder if ads could get routed to a VPS, running AdNauseam. Ads aren't
private, and normally aren't HTTPS. Would that be doable with an add-on?

------
confounded
Aside from driving up costs, from a privacy perspective, would this offer any
advantage over simply _never clicking_ on ads? I worry that it might flag me
as a high-engagement/ad-tolerant user.

------
eikenberry
Anyone else find the Author/Developer separation odd. I mean it is a software
project, so the developers are the authors. If you don't write the software,
what are you the author of?

~~~
ryan-allen
It's not too different to having capital, employing programmers to do the
work, yet you own the business/IP.

------
placeybordeaux
Interesting idea, but clicking on a temporally stable subset of ads would be
way harder to deal with than a user session that clicks on all ads.

------
jakozaur
There is some bad concept, but clicking on every ad is problematic. I would
love to target specific ads from unethical business or deceptive.

------
redner
I dont understand. Why adnauseam clicks ads? isnt that against the purpose of
an ad blocker?

------
djfm
At least the name is great. I think it's reason enough to install it.

------
godmodus
k-anonimity is an awesome concept, and truly the only way to protect outselves
these days - it's however difficult to successfully implement.

glad to see more software out there based on this concept.

------
chayesfss
Actually slows down browsing for me, going back to ublock for now

------
homero
What if you get someone's adsense account banned

~~~
cyborgx7
I don't see what the problem is.

------
dollaholla
I'm not sure the folks who created this understand how ad tracking works.
Clicks are such a small part of the equation that this is laughable.

------
_audakel
does AdNauseam work if I have something like Ghostry (ad blocker) running?

------
_andromeda_
Very cool name. Fitting.

------
partycoder
Not sure if this may be in violation of terms of service in some websites.

