At the risk of downvotes: Is anyone really surprised?
AdNauseam is silently clicking ads. This directly costs Google money. Google happens to control the extension web store for their own browser. Removing it from the store really isn't that bad. Uninstalling it from existing browsers as malware? A little more malicious, but I would still consider it self defense.
There is even a method to install it directly[1] which AFAIK Google has not blocked.
Granted, if Google were not both running the browser and the ad network, these actions probably wouldn't have been taken. But the whole attitude that this is some sort of tyrannical thing is a little over the top.
> But the whole attitude that this is some sort of tyrannical thing is a little over the top.
This is the exact sort of thing anti-monopoly laws are intended to work against: that a major market force in one market uses that power to intrude or support itself in another market. Since Google Chrome undoubtedly has a sufficiently large market share that this may be a concern and the removal of this extension certainly affects the advertisement market, this seems like a very dangerous move for Google.
Yes, it may be considered “self-defense” but is the cost incurred really so large that they want to risk another lawsuit?
> This is the exact sort of thing anti-monopoly laws are intended to work against: that a major market force in one market uses that power to intrude or support itself in another market.
That's actually not true. There's some case law about that sort of thing (the Microsoft antitrust case being the most famous), but the basis for anti trust law has always been about price efficiency, not protection of competition for competition's sake (c.f. the Microsoft breakup was overturned), nor consumer benefit.
The anti-competitive behavior was creating price inefficiency. Standard Oil owned almost the entire refinery market, and they were colluding with railroads so they effectively owned distribution. This vertical alignment meant they could effectively set whatever price they wanted because there was no other game in town.
But this isn't a case of two different markets...Google makes no money off of Chrome. They make money off of advertising. The bottom line of Chrome is that it is just there to view advertising. The better they can make it, the more it will be used, and the more advertising will be viewed (hopefully Google's)
If you look at it as the extension performs fraud, then what Google did is completely defensible. And I feel that it does. You may not feel that way exactly, but it's certainly justifiable that the extensions actions defraud the ad network.
Defraud: illegally obtain money from (someone) by deception.
That does not describe the situation in the least. AdNauseum is more akin mailing junk back to junk mailers using their paid postage. You show me an ad, which I did not ask to see? Fine, I'll click it, automatically. Enjoy.
In te Netherlands, we have stickers that we cab place on our real-life mailboxes: "No ads. No unspecified recipient." The advertisers (mailmen) are not allowed to ignore this sticker.
Am I stealing money from advertisers?
There is no such rule for online adverts. So what is a parent to do?
By blocking them and obfuscating through clicking I am protecting my own sanity, and that of my children. This is my "No/No" sticker.
> In te Netherlands, we have stickers that we cab place on our real-life mailboxes: "No ads. No unspecified recipient." The advertisers (mailmen) are not allowed to ignore this sticker.
Wow, that's actually kind of amazing. I wish we had that in the US...
I have such sticker but not anyone is actually following that. It helps to shout at ad mailmen sometimes when I notice them. I'm much more irritated over political junk mail.
Sorry for my lack of knowledge about this, but are "ad mailmen" a specific thing in the Netherlands? In the U.S., junk ads just come in the regular mail.
If it is like in France (we have the same regulations) then you have two kind of junk mail :the one addressed to you (because they have your mail status, supposedly because you have it to them and agreed to get mail spam) and anonymous one (from supermarkets for instance, with their promotions or sales) which are delivered by someone payed by them. The stickers work for the latter (which is maybe 70% of the volume)
It's arguable. Fraud generally requires intent to result in financial or personal gain. There's no gain here for the user. There's gain for the advertising company at the expense of the company purchasing the advertisements.
But the advertising company is supposed to well-qualify their targets, right? It's on them for serving and charging for advertisements to people who don't want them or will 'click them' regardless of content.
I'm not a lawyer, but according to this definition the fraud perpetrator need not gain, only cause injury to the fraud victim:
"A false representation of a matter of fact—whether by words or by conduct, by false or misleading allegations, or by concealment of what should have been disclosed—that deceives and is intended to deceive another so that the individual will act upon it to her or his legal injury."
If we take that definition, what is misleading? Users are presented with something asking them to click and then they just automate the clicking. They aren't attempting deceit through their actions.
Now, if the advertiser knows that people are clicking things through a script, and has some clause with their agreement with the company that says 'We won't charge you when this happens' but charges them anyway, that would be deceit. But it'd be on the part of the advertiser to the company buying the advertisements.
Who is the user defrauding? If they're not the site running the ads, they have no business relationship with the ad company, so the ad company really can't reasonably demand of them to only click certain ads.
You'd be wrong. Many people, even Americans, don't really understand that freedom of speech doesn't mean you can do and say anything you want regardless of the context or consequences.
I suspect the comment is a frustrated response to American courts declaring that all kinds of weird things are somehow protected as "speech", not an unironic endorsement of the practice.
Yes. The intent is what's important to me. If it were an extension, like in the 90's when everyone was on dial-up, that pre-loaded links, and some of those links happened to be ads then that's one thing. The goal of that extension is to load pages faster since they've already been downloaded. That's not fraud. This extension clearly understands that links are ads and that clicking them will cost the advertiser money with no benefit to them. And then clicks them. That's what makes it fraud.
How is that not how fraud works. The extension practically bills itself as a form of protest intended to devalue an ad for an advertiser by acting in an intentionally deceptive manner.
It is generally understood and indeed reasonable to assume that in order for most users to click an ad they must first see it. This extension intentionally violates that in order to deceive that same advertiser.
You're missing a few elements. One of which is, "the injured party’s right to rely thereon"[0] (unless that's what you mean by #4 above).
"A party does not have a right to rely on a representation if she is aware the representation is false, not enforceable, or not made to her."
It's clearly arguable that the ad network knows that a browser is able to click on an ad in an automated fashion. Thus, they do not have a right to rely on that representation, as it is not enforceable.
Knowing that it is possible for a representation to be falsified (what you describe the ad network as knowing) is very far from knowing that it is false (the branch of the standard you appear to be appealing to argue a lack of right-to-rely.) So, I don't think the argument, as you've made it, is convincing.
As far as (1).... making a web request is NOT a user saying they clicked an ad. That is an inference that the website owner is making, not a statement the user is making. The user never agreed to that.
This would be like if you are a dairy farmer and you notice people who buy cookies usually buy milk, so to make things simple you make an agreement to pay a store 25 cents for every cookie they sell (because you want to incentivize them to sell more cookies and therefore more milk). You couldn't then accuse a customer of fraud when they buy cookies but not milk. They never agreed to always buy milk when they buy cookies, that was just an assumption you made.
> making a web request is NOT a user saying they clicked an ad.
Whatever the merits of that argument might be in the general case, using an extension which expressly advertises its function to include falsifying clicks to mislead ad networks makes it hard to make the argument in that context.
Right, but just because I know the inference that a 3rd party is making, am I under some responsibility to not change my behavior? I don't think I have some legal or moral responsibility to not troll someone watching me.
Since the packets are being sent to your computer, I consider the situation analogous to a someone coming to your home and then you replying to them with bogus information. Maybe that still fits this definition of fraud, in which case I would say I don't believe such fraud should be legally suable. I think the users property rights of their computer trumps the advertiser's complaint about fraud.
The distinction is automation versus manual process. If you manually reply with bogus information, then your illustration works. When you automate the process, there's no intervention on your part. Ad blocking is fine with me, but when you intentionally click on ads in an automated way, this becomes click fraud. There's a certain level of click fraud that is tolerated by Google, but AdNaseum takes it too far IMO.
You're joking right? You obviously never automated bogus reply on the phone answering machine for one or the other reason. If you don't pick a phone at home and answering machine takes it, are you comiting a fraud because it is automated and telling everyone that you're not home.
You could make that argument for any bot, but in the eyes of Google or myself, I see it as click fraud. I think Google made the right choice here. If you disagree with surveillance and want privacy, there are other tools available such as Ghostery and µBlock. They provide what you want without being retaliatory.
Seems like point 1 would not be satisfied, because you are actually clicking the ad. I suppose someone could argue that you're still deceiving them about your intent but it seems like quite a stretch.
Is this analysis independent on whether I'm the party who gets paid for the ad clicks? It makes sense to me that if I make someone sign a thing saying I get money per click, and then go ahead and simulate clicks, I'm defrauding them, but if I'm just some random guy, why's it on me to play nice with their method of detecting clicks?
Why does Google deserve the shit for stopping people from taking money from them? I wouldn't think to give a department store shit for pressing charges against someone who smashed up a bunch of merchandise, whether or not the act was politically motivated.
I feel like we could come up with an analogy that captures more of the nuance of the issue. How'd we feel about it if Windows went around and uninstalled non-Microsoft-Office word processors, to stop competing companies taking money from the Office division?
Sure, Google wants to make money on ads and they're under no obligation to let people use their infrastructure to undermine that goal. But likewise, the people who get fucked over by Google compromising the Chrome ecosystem to defend their ad income are under no obligation to be particularly enthusiastic about it.
Google deserves shit for using market power to stop the purchasers of personal devices from running software of their choice.
If the user does something with their device Google dislikes, Google can block the user from using Google services, or if they're doing something illegal, they can go that route.
This habit of retroactively removing functionality from devices is not OK. If Google relies on a business model other people hate, perhaps they should give some thought in to doing something about that.
As far as I know, there are laws against smashing up a bunch of merchandise you haven't paid for, and the department store would probably press charges rather than taking advantage of the fact that they're part of a conglomerate providing medical insurance to refuse coverage to the protestors on shaky grounds.
They might! The case they would have to make seems pretty shaky to me, but legislators have done some things that seem pretty ridiculous to me in the past, and I am sure there is plenty more coming.
That doesn't make acting in such blatantly bad faith until you are able to take legal action forgivable.
> We wrote Google to ask the reason for this sudden move and they responded that AdNauseam had breached the Web Store’s terms of service, stating that “An extension should have a single purpose that is clear to users…”
Both actions are done with the stated intent of costing the target money. Sure, it only involves accessing URLs the public is actively encouraged to visit (in a manner intended to bring the system down) but so do many DDoS attacks...
A lot of things costing a company money are perfectly reasonable and we rightly complain if a company sabotages them. Things like leaving negative reviews/ratings, receiving refunds for defective products or shopping around to compare prices ultimately hurt someone's bottom line, so I think we can expect better from an analogy here.
I think "indiscriminately bombard ad networks with the intent of sabotaging the ad network's business" is a lot closer to my DDoS example (or smashing up a store) than "if a product proves to be disappointing, exercise my statutory right to a refund and/or tell people about it". I'd also feel Google could and probably should remove browser extensions whose distinctive feature was that they automated the process of submitting fake reviews or purchases/cancellations if they stumbled across a class of product the plugin designer disapproved of enough to want to harm the vendors' ability to continue selling it.
I don't think you can reasonably frame clicking on too many ads as an act of sabotage. It's interfering with the metrics that some people who you don't necessarily have a business relationship use to make business decisions (like paying out money), but it's not obvious to me how you're obligated to be particularly cooperative in their gathering of the metrics. The system continues to work as intended, you're just not supplying it with the data its creators would ideally hope to receive. That also seems to contrast it with a DoS attack.
I agree that Google should probably remove browser extensions that are convincingly designed to facilitate actual fraud. I'd also be on board with Google removing a browser extension that was designed by a site operator to produce artificial clicks on ads on that particular site, since now there's someone involved who probably signed a thing saying they won't produce artificial clicks.
But my point with my examples was that you can harm someone's bottom line without it being fraud or otherwise illegal, so it doesn't just follow that if you harm someone's business, you're doing the equivalent of a DoS or smashing up their merchandise.
> I don't think you can reasonably frame clicking on too many ads as an act of sabotage. It's interfering with the metrics that some people who you don't necessarily have a business relationship use to make business decisions (like paying out money), but it's not obvious to me how you're obligated to be particularly cooperative in their gathering of the metrics. The system continues to work as intended, you're just not supplying it with the data its creators would ideally hope to receive. That also seems to contrast it with a DoS attack.
Blocking an ad/tracker is being "not particularly cooperative", and fulfils the goal of not seeing ads or being tracked pretty well. The entire point of modifying an existing ad blocker to click everything, as stated by the creators is to disrupt the metrics to the point where the system doesn't continue to work as intended, and cost the indiscriminately clicked ad-purchasers an average of $1.58 per wasted PPC click, as they've taken the effort to estimate (see their FAQ).
I can't see how anyone can honestly argue that a tool whose creators openly state that its purpose is to indiscriminately "obstruct" and "resist" an industry to force it to change its business model by rendering its analytics worthless and wasting PPCers budgets isn't sabotage, irrespective of whether they agree with the desirability of the end goal.
Fundamentally I feel like sabotage involves something like me going to someone's place and destroying their equipment like in your original analogy, also I'm probably being really sneaky about it. Naturally there's a legal and moral right to me not coming over and fucking up their shit, and probably to not be sneaky in some ways.
But here, they are wasting their money because they decided that they'd pay some amount per click. That doesn't somehow confer a legal or moral obligation on me, some random third party, to behave in such a way that this is actually a good deal for them.
That whatever they measure when my browser follows an ad corresponds to some amount of human attention is a gamble they're making, and in no way comparable to the expectation that in civilized society, someone doesn't walk into your store and smashes your merchandise without being punished for it.
Next we're going to go around and fine people for leaving their TVs running without paying attention to the commercials...
> Next we're going to go around and fine people for leaving their TVs running without paying attention to the commercials...
Well that actually might happen someday. Not sure where, but some podcast on youtube was discussing almost just that. Electronics companies might strike a deal, where you have a smart tv with a camera and face recognition, where you get a good deal of channels cheaper if you watch the commercials. Also when you rent a movie via their streaming partner, you pay depending on how many eyes are watching.
Off course we all know how easy it is to game face recognition now, but in the future it might not be as Ai algos keep improving. Sadly I hate to see this day when we get to the level where most people will obediently watch the commercials because they can't pay trice the price. This kind of future seems both comical and disheartening, like someone would combine 1984 and They Live.
You could use the same "they decided to publish the URL and make it serve data... no obligation on me to behave in a way that is actually a good deal for them" line of rationalisation to justify a DDoS attempt or computer worm.
That's why the relevant criterion here is is this software written for the express purpose of fucking up their shit?, to which the answer is obviously, yes and they've said as much, and acknowledged that if you just don't want to be tracked you're better off with a proper adblocker anyway.
If you want to leave your TV running without paying attention to the commercials, regular adblockers exist and are amongst the Google Web Store's most-downloaded apps.
I don't think it's comparable, a DDoS attack is aimed at taking down a whole site, or otherwise making it inaccessible. Here the system keeps working as intended and the other side just has to deal with how the intentions turn out to be not very productive.
Can you cite any evidence that the "stated" intent of AdNauseam is to cost the target money? According to their video, the intent is to protect the user's privacy by preventing advertisers from building an accurate personal profile of the user. You may argue that this has the effect of costing the advertisers money, but just because that is a result, doesn't make it the primary goal. It's certainly not AdNauseam's fault if the advertiser's business model depends on violating user privacy.
Indeed it is marginally safer for one to simply use a strong adblocker and protect themselves. And it is also safer to stay at home rather than to attend a protest. But safety is not the only concern. Using an adblocker does little to change the status quo. AdNauseam, and the obfuscation strategy in general, instead presents a possible avenue for collective resistance; a means of questioning and perhaps, eventually, changing the system. But this is not for everyone. If your goal is primarily self-protection, it may not be for you...
So they're aware of the fact this is worse at protecting privacy than a simple blocker, and equally unambiguous about their objectives being to change the status quo by damaging ad networks' business models. And yes, they've calculated the direct cost of some of those clicks too:
As the precise cost generated by clicks is not visible to the client, AdNauseam calculates an estimate using an average value of $1.58 for each clicked Ad.
> Both actions are done with the stated intent of costing the target money.
No it doesn't, it is to obfuscate the results about your interest and make the information they sell about you - useless. They are not giving me any money so I have no obligation to provide truthful ad clicks either.
> (in a manner intended to bring the system down) but so do many DDoS attacks...
You can't be serious, it's not comparable to DDoS attacks. It is just obfuscation, pure and simple. It is not in any way unethical either, digital surveillance that ad companies practice is on the other hand very much unethical. When I visit one website, why should dozens of third parties be able to sella and that information? When did they ask my consent? The only way to make that info useless is to have automated add-on like this, if the majority would use it, we wouldn't have as big problems of ad networks spreading malware and proving government agencies with surveillance information.
No need for personal attacks. While the analogy (like all analogies) is an imperfect one, there are clearly some parallels between the two situations and I think the comparison is interesting.
It's purpose is to get you to look at things from the other side: what would you do if one of your customers was intentionally harming your business?
To pre-empt a personal attack against me: I do not make a living from advertising.
I don't hold any bad feelings towards Google for banning AdNauseam. What I do hold against them is that they are not being open and transparent with their reasons.
One of the many things about humanity- we adapt to near all circumstances no matter how bad. And we adapt fast, in 20 years from cold-war showroom equality and egality to oligarchy without borders.
Oligarchs abusing there power? Not so bad, as long as it hits somebody else backyard. Even better, if it just never makes its way into the news.
All even, the democratic powers playing the great game again, condemning every country who doesn't want to be a feudal servant and go for a "Leave me alone" nuke-stance?
And after all - hey we are still here, aren't we- so its not so bad.
People vanishing every night? Guess, one can get used to that, nobody of the vanished has ever complained. And hey, dropping housing prices, finally a solution to that.
To actually get a accurate, neutral moral "measurement" you would have to take a group and enclose them in the isolate standards of the past- and then have them write about how they perceive today.
The interesting measurement question- if there is one, is what is left that those in power could do- they wouldn't get away with?
That couldn't be swept under the rug, that once really tied the room together?
Google HAS to block this and prevent it from ever being run if it can, its click fraud plain and simple and they've been stung too many times with huge bills for fraud it could have prevented and didn't.
Everything that is GETtable risks being GET. Why would Google serve an ad to someone who might click it without the intention of following through with the ad? Because Google chooses who to show the ad to. So it is really Google's fault. Google created click fraud.
...and, this is how search engines work, on a simple level. They request a web page then they "click" on everything and request all those other pages.
Of course, Google probably detects bots and doesn't count these clicks, but your statement that "Google created click fraud" is correct (although they weren't first) and kinda funny.
Just issuing a GET doesn't cause a somebody to be charged.
It's a process involving delivering specific tracking cookie along with the ad that should you end up clicking through to the intended destination gets tracked through either more cookies or tags in the URL.
How is that the user's problem? I don't care what the ad network does. If they are sending me links and I'm choosing to click on them, whatever happens is their own fault. I entered into no contract with this company.
I'm not surprised either, and I might do the same if I were Google, but "Tyrannical" does feel like an appropriate word given they are using their multi-industry monopolies to crush threats.
No (it doesn't surprise me). I figured it would be banned at some point, it is essentially click fraud but with a (noble?) purpose. And once it reaches enough critical mass to be annoying (and by annoying I mean interfering with other analytics) it would be dealt with.
I certainly resonate with the issue of advertising getting ridiculous (and love Troy Hunt's response) but don't begrudge Google their right to not help people mess with their income stream.
It's important to separate the distinction between legal and illegal, and right versus wrong (morality). the two are sometimes correlated but they do not necessarily have to be. It's much easier to prove something legal or illegal because you just look at the laws on the books. It's like a mathematical proof. It doesn't have to be morally correct but it can still be legal.
The holdup are people confusing this click fraud with immoral. It seems to be very clearly illegal by the books, but in my opinion a moral and right thing to do
If true, that would be a bit more disappointing. Can someone verify?
Edit: Keep in mind I'm referring to developer mode installation per the link above, not directly installing the extension package from the store or a file.
I tried earlier today in Chrome Canary in developer mode and after a short while the extension disabled itself. When I try to enable it back again the console on the Extensions page says "Unchecked runtime.lastError while running management.setEnabled: Extension kkendhmcacabobepidajpejenjinojhp cannot be modified by user."
I'd imagine that if it's flagged as malware, this is correct procedure; you don't want to let users accidentally side-load malware either (too many real-world examples of people falling for "Go to this dialog, click this option, NOW click the link and it should work" attacks).
> The good thing of course is that it shows that they are afraid of such an extension.
Seriously. I'd figured they'd filter these "clicks" out easily server-side and didn't bother to install this thing, but this ban has hinted otherwise. I'll be installing it everywhere I can now.
Sure, but most or all ads on every page visited by a given IPV4 address surely throws up red flags, NAT notwithstanding. And all this is assuming that the extension bypasses session tracking and makes resorting to IP address necessary in the first place.
Then again maybe it doesn't, since they bothered to ban this extension. They did seemingly more-or-less give up trying to sort spam search results from low-traffic but high-value sites a few years back, so I guess they can't algorithm their way out of every abuse problem.
[EDIT] all ads on some pages visited by a given IP over some shortish span of time, I should say, in the case of NAT.
1. Does a user searching without paying not cost Google's money?
2. Does a user using Chrome for free not cost Google's money?
3. They even built Chrome to boost advertising ecosystem.
4. Is there any law or ToS said users are not allowed to use a script to click the ads automatically? Are the advertising companies going to spy on me to check if I'm using a script?
5. Advertising surveillance directly violates my online privacy. Yet, "by using our services, you are agreed to our terms and conditions"
You're being imprecise - it doesn't cost Google money, it is advertisers who are losing money in this case.
Of course, in the long run, if clicking ads gets popular as a trend among adblocking tools, it can influence the whole industry, and Google will earn less money. This is not the same thing, though.
Few month ago we developed and launched an AI-based AdBlocker (called AdFilter) and also had several problems with Google Chrome Web Store. Almost every week they had a "strange reason" to remove our extension from the Google Chrome Web Store.
We had more than 380,000 DAU (Daily Active Users) from 36 countries with all good feedbacks on Google Chrome Web Store, but even so, Google always tried to find a way to get us delisted and sometimes removed... they called it "an automated review process that is not performed by humans".
Every time this happened we need to send several messages to all available email address to get our extension approved and listed again in 24-48 hours. After facing this kind of situation more than 12 times, we simply gave up and remembered that it's not worth trying to build a business (or App) on top 3rd party company, like Google or FB.
How is the game you linked to "blatantly illegal"?
Edit: I'm genuinely curious -- did they copy the actual assets from the original game, or did they just copy the style and gameplay (which would generally be legal).
I'm surprised people still use Chrome and not Chromium. Perhaps a few devs in your situation could improve the Chromium installation flow for Windows, etc.
Google doesn't have much incentive to make it easy, but third parties (like Debian) do, and do a lot of the heavy lifting on an ongoing basis.
I can't even figure out how to install a stable version of Chromium. I only spent two minutes trying, but installing Chrome consists of one web search and one button click, so the difference is pretty obvious to me.
I believe it does, but I don't usually use it; rather, I usually get Ruby Version Manager to manage one or more Ruby runtimes on my Mac. Therefore I can't vouch for it to work with brew and/or brew cask.
Most of the more-or-less mainstream distros ship Chromium in their standard repos. In fact, they're more likely to ship Chromium than Chrome due to the fact that the former is FOSS and the latter is not.
Neither macOS nor Windows have such a philosophy of "prioritize the FOSS alternative", so Chrome is unsurprisingly the better-supported option there.
> Most of the more-or-less mainstream distros ship Chromium in their standard repos. In fact, they're more likely to ship Chromium than Chrome due to the fact that the former is FOSS and the latter is not.
That's actually how I first started using Chromium early in my Linux days; I didn't really know the difference between Chrome and Chromium, so I just picked the one that was easier to install. Once I finally learned the difference, I consciously made the choice to use Chromium on all of my systems, even the non-Linux ones.
> Earlier this week, on Jan 1st 2017, we were informed by our users that Google had banned AdNauseam from its Chrome Web Store. We’ve since learned that Google now also disallows users from manually installing and updating AdNauseam, thus locking users out of their own saved data, all with no prior notice or warning.
Restart your browser and you will see the extension is no longer installed. This is deliberate on the part of Chrome (Firefox does this too) - It is to prevent malicious extensions from using the developer mode as a backdoor to install themselves.
On each restart, you will need to re-add the extension from source.
I've been needing to do this with the LastPass Chrome extension as well. It is rather annoying, but if you just keep the browser running it is bearable. I'll slowly switch back to Firefox though. They are adding sandboxing and swapping Gecko to a Rust-based engine. We'll see about the performance. Bottomline is, I'm done with being overly reliable on Google.
> Hopefully you can see where I'm going... whatever's written in the policy is difficult to enforce literally. Someone has to make the distinction based upon the intent of that policy. A person has to draw the line. If Google have made the decision based on that policy, well that's their decision.
> Reading https://developer.chrome.com/extensions/single_purpose (part 4) makes me thinking "disrupting ad networks" could be that single purpose. Then it'd cover blocking & clicking. Just like "Office Online"'s "edit office documents" covering both "word processing" and "spreadsheets".
Hey man, I think your discussion points finally reached the real reason why "single use policy" applies differently for Office Online than it does to AdNauseum. AdNauseam team are intelligent and they probably realize it as well. In their self-description:
> AdNauseam, a not-for-profit, research-based privacy tool, hides and clicks every tracking ad that it identifies in order to resist the opaque collection, analysis and monetization of private user data, and to challenge the intrusive and unethical business model that currently dominates the web.
Ital. gives you the justification Google could use to block the product. "Disrupting Ad Networks" is the single purpose, but while "Ad Blockers" are a simple nuisance to Ad Networks and 3rd party revenue streams, "Ad Obfuscators" poses a threat to affiliate marketers and resellers who may interact through Google's channels.
(In my opinion.....) Is AdNauseum justified in their work? ABSOLUTELY YES. But there are other hands at play. This also explains why Google is working so hard to block updating or new installs of it.
It's pretty simple: this has to be wreaking havoc with Adsense - depleting ad budgets, artificially inflating CTRs, and giving website owners revenue they didn't earn. This extension also exposes website owners to unfair Adsense bans for generating high numbers of invalid clicks, which can cost them two months of revenue that is almost always withheld when Google bans a site. So by using this you could be costing someone (your favorite blogger etc.) their livelihood.
If you are going to block ads, block them. Don't click on them.
Neither you nor Google has any right, morally or legally, to tell me what to do with the content that Google willingly served to my personal property (my computer). Once those electrons cross that boundry from <Google's property> to <my property> they lose any and all control (although of course in reality they try their damnedest to retain it).
If Google wants to wholesale block all IPs that cause them a problem with click fraud that's their prerogative, but manipulating the electrons that very safely reside within my own private property and then turning around and continuing to serve me ads is something straight out of a Dickens novel and I shudder to think of what happens after the second chapter.
Of course you can do anything you want. I'm just telling you the potential repercussions, which include destroying someone else's livelihood. If you are OK with that, fire away. But if everyone did the horrible/harsh things that they are legally entitled to do in this world, we would be in a very bad place.
If your income stream relies on millions of random internet strangers gracefully letting your code live rent free on their own personal devices then you have nobody to blame but yourself. That is assuming that sending GET requests to a public internet endpoint is a "horrible/harsh" thing to do...
If someone creates a plugin with the stated goal of screwing up your clients' analytics to discourage them from paying you, do you really wait for it to work before you remove it from your platform?
I don't know, but I certainly wouldn't want to be a favorite site of even one AdNauseum user. Adsense is very sensitive to stuff like this, especially in higher CPC niches.
You would be banned - very fast. You would never actually receive the money since Adsense pays out on a two month delay. They are very good at identifying this type of activity and the webmaster is the one that pays the price.
... Or, more likely, they will switch to an ad network with more obnoxious, or dangerous ads. Google, Microsoft, and their ilk are a fair bit better as ad networks then some of the less scrupulous players.
Yes, the large networks occasionally serve dangerous ads. But by far and large, they have better standards then most of the fly-by-night ad networks.
Or, even more likely, they’ll actually switch to direct negotiations with the advertisers themselves, through more open and manual brokering platforms.
This model works for buying advertising space on ESPN, or in a print magazine, but not on the internet. Economies of scale, need for targeting, the inability to force unskippable 5-minute-long streams of ads on users...
I’ve done all this myself before – even when running a small Let’s Play site with a few friends we negotiated with publishers directly for advertising, and managed to get quite good deals.
I’m not sure why you think this is so complicated or impossible.
I've been using it for a few months and more recently took to installing it on public computers and telling anyone who would listen to use it. Just put it on my Mom's computer a day ago. I alone had it on a dozen machines or so.
They probably can't, since it's an extension and thus uses the user's browser, IP, cookies etc (Adsense does use mouse tracking and other techniques that will likely flag these clicks as suspect, requiring additional analysis). Therein lies the problem. It appears to them as if someone is going and clicking on every ad, or is using an automated headless browser to click on ads. That can easily get you banned. Google doesn't care about who is doing it, they only know that it is happening on your site, and as a result will treat your site as a threat to the Adsense network.
> (Adsense does use mouse tracking and other techniques that will likely flag these clicks as suspect, requiring additional analysis). Therein lies the problem.
Actually, Google does track all of this stuff already:
Google could decide to just ignore IPs that host users that display this behavior pattern. But yeah, it's "easier" to just ban the offending Chrome extension.
They could certainly do that in this case, but they are probably trying to send a strong message to would-be developers of similar extensions. One is a nuissance; a thousand would be much more difficult to chase down and block.
Also, if these developers really wanted to, they could distribute it directly from their site and dynamically generate the extension, packaged with a unique identifier, for each download. This would make it effectively unblockable. So simply identifying an install of this specific extension is not a solution.
Seems like there's room for an arms race here, where you tune the extension to only click on some ads, and ultimately approximate legit user behavior as Google keeps cracking down.
No privacy/security/adblocking user should use Chrome; it's a browser made the company you block ads from and tracks you whether or not the ads are there. Use Firefox, Safari, open source chromium, MS Edge, or anything else, just not Chrome.
Also a Safari extension would be very nice.
I always thought Stallman's ideas were _too_ crazy. Until I struggled with Chrome for 10 minutes trying (and failing) to install this extension in a way that wouldn't bother me. And then I realised that Chrome is dictating what can I do on _my_ computer and what I can't.
This year I will try to fix the rough edges in any FF plugins I use instead of switching back to Chrome.
Can I ask if there's a good way to keep bookmarks synced between Chrome and Firefox? I know about Xmarks[1] but I'm just curious if there's another way that doesn't involve storing my bookmarks on a third party.
Not that I'm really surprised by Google's action, but "fraud" is a pretty strong word for what's happening, and pretty disingenuous IMO. No one's pretending to be anyone they're not.
Click fraud is a standard industry term for robot initiated clicks, which this is a case of. What this extension generates are certainly not legitimate clicks form interested users, or even unintentional clicks that happen due to various reasons (some HN readers like to blame them on dark patterns, but they're really just of a consequence of the fact that ad tech is just not that great in general).
No, it is not. It is an industry term for robot initiated clicks for the purpose of profiting, that is the "FRAUD" part, just clicking random ads is not defrauding any party to the benefit of another, it just wastes resources.
Do you think it is fraud to order a pizza to be delivered to someone else's house, because you are a vegetarian and wish to destroy the business model of meat-based pizza?
How about doing this to every pizza store you encounter that serves meat?
You're not profiting..just wasting a business's resources by misrepresenting your identity and intentions.
Either that or tracking clicks is a terrible way of keeping track of ad effectiveness, and therefore cannot rise to the definition of fraud.
What if I had a billboard with a camera that used face recognition to determine how many people looked at that billboard. Is it fraud to put on a mask to prevent my face from being detected? Is it fraud to put a bunch of faces on a poster-board and parade it in front of the billboard to confuse it?
Websites only provide information that I then can choose to render/manipulate however I want, and what I do on my application on my end with that information is my business.
Someone clicking an ad is not a) making an order or b) pretending to be someone else, which seem kinda instrumental for the fraud in your analogy. The ad didn't get served with a ToS document explaining that by clicking it, you enter into a contract or whatever. It's your decision to pay money based on ad clicks, and it doesn't somehow oblige people who have nothing to do with you to only click ads in the manner you intended.
Alright, how about an example with no orders? Let's say you think the police state is evil, and you wish to destroy it by wasting its resources. Is making automated empty 911 calls justified?
Just because you intend to use the 911 hotline as an emergency resource surely shouldn't impede my right as a phone owner from calling it in the manner you intended. It's my god-given right as a phonebook owner to call whatever numbers I see fit in whatever quantities I want to.
It doesn't even have to be 911. You can DDOS the phone lines of any business to make them less effective. Is this ethically defensible?
This analogy is still a stretch. Both are examples of DDOS which prevents legitimate requests from going through.
This is more the equivalent of replying to every piece of physical junk mail that you get using their provided self-stamped return envelopes. I think you'd be hard to pressed to argue that, while being a jerk move, you're still aren't entitled to do it.
Used to actually do this back in the day. I would send them back their offer with something like "I regret to inform you that I am not interested in your offer. Have a nice day." on the top page. I figured that going out of my way to let them know that they shouldn't expect a sale from me was simply being polite. I used their handy return envelope to send it back to them.
There were stories of people who would attach their return envelopes to heavy objects and try to send those back to them.
Maybe some day advertisers will come to understand that if their ads affect me negatively, then I will do my best to make it unprofitable for them to present them to me.
It's more like you get a call that tells: you can get a free pizza as their promotion only if you open a door. When that pizza arrives, they demand money from you and try to sneak spying equipment to your home. Saying "get the hell out of my lawn" is the only right response.
"Click Fraud" is an industry term precisely because that's what the ad networks want you to think. It's fraud when you unintentionally (automatically through a script or otherwise) click on their ads, but when they spy on you, it's not called "spying", it's called "personalised" advertisements. "Standard industry term" is just another way for the big players to justify what they are doing, in essence, a euphemism.
On their FAQ page AdNauseum reproduce the following definition of click fraud to argue they're not engaging in it:
The practice of ... clicking on an advertisement hosted on a website with the intention of ... draining revenue from the advertiser
Elsewhere on the same page they've even gone to the extent of explaining how they calculate the average revenue they think each simulated click drains from the entities they wish to "resist"
The difference is that in the classical definition, the revenue is drained from the advertiser to the click fraudster. That's an obvious and prohibited motive for traditional fraud.
In AdNauseum's implementation, the revenue is drained from the advertisers to all of the sites where those ads are hosted and where AdNauseum's users browse. Neither AdNauseum nor the users browsing the sites benefit from that revenue. Instead, the advertiser's marketing budget is slightly less effective.
This changes the behavior from an intent to profit to an intent to harm. I'm certain that they could prove in court that they do not intend to profit from this activity. But I don't know whether or not the court would classify the outcome of the activity as "resistance" or "harm".
The classical definition AdNauseum reproduced regarded it as fraud if it was to generate revenue or to drain revenue. Wikipedia uses the even more straightforward definition: "Fraud occurs when a person, automated script or computer program imitates a legitimate user of a web browser, clicking on such an ad without having actual interest in the target of the ad's link"
Regardless of what a court may decide if it ever gets involved, the term "click fraud" as its most widely used and defined certainly includes clicks aimed at causing a party to lose money as well as than clicks aimed at directly obtaining money.
Can someone explain what the point of silently clicking the ads is? Why not just block them? Does clicking the ads somehow aid in blocking or is it a way of fighting back against perceived abuses by advertisers?
I find it a bit harsh to be so hostile towards online ads. After all, it's has been a significant source of income for innovative companies or services that couldn't exist otherwise, because users are notoriously reluctant to pay for virtual goods.
Yes, tracking and overly intrusive fullpage popups are real issues, but not all ads are inherently evil.
Not all dictators are inherently evil either, but because of the state into which a dictatorial ecosystem inevitably declines, we don't want them either.
I prefer classic advertisement labelled as such over subliminal manipulation like product placements or fake reviews / fake "fans" on social platforms.
And frankly, I even discovered products through ads I might have never found otherwise, even though that's not how it should be in a perfect world.
If I have a friend who I know is interested in a particular author, and I notice that that author has released a new book, is it evil for me to tell my friend?
I don't think it is. I'm connecting a producer and a consumer in both of their best interests. When the producer is the one who asks an entity like Facebook "who enjoys this author?" and advertises the new book to them, why is this evil?
People have desires, and without advertising it is very difficult to connect those people with producers who can fulfill them.
I think advertising isn't inherently evil, just some tactics used to persuade people with misinformation.
If you already want something, then the ads are useless because the entire point of an ad is to manipulate me into buying something I didn't want to buy.
If I want to buy the book already because I am interested in the author's books then the books sell themselves without need for ads.
I run my own email service. I also find search currently very disappointing. Google, Yahoo, duckduckgo? Remember when they were several major indexes? Lycos, Altavista, etc.
Today Google actively removes things from their index at the requests of various governments and entertainment industries. We have very little choice in search, leaving much of the web unlocatable.
I don't remember Lycos/Altavista etc rendering anywhere near as much of the web (as a proportion of what existed back then) locatable, having a radical stance on copyright or having less obtrusive ads...
I vividly remember being unable to find anything useful in the first half-dozen pages on Lycos and Altavista and Yahoo and all the others, which is why Google took the entire market when they showed up with PageRank.
I am in the process of switching everything over to fastmail, which is a paid email service without ads, because I dislike the current state of the advertising industry so much. Plus, I'm now in a financial relationship where I am the customer, not the product.
I might likely do the same for a search page if such a thing existed and the price was right. Until then I use startpage or duckduckgo to (attempt to) retain some anonymity.
Serious question, but how do you feel about persuasion? Is all persuasion inherently manipulative, or are there some types of persuasion/marketing that don't cross the line and become "manipulation"?
It's a blurry line, but I believe it passes far to the left of advertising.
One dimension of that distinction is intent - are you trying to persuade me having my best interests in mind (including not applying the technique if you're not sure about the consequences)? Then I'll probably be fine with it, and consider it an act of friendship. Are you trying to exploit me by convincing me to make self-harming decisions? I'd consider this an act of malice. An attack.
Advertising of all kinds would be fine if it performed just the information function - by honestly trying to paint the whole picture and give all relevant information to enable customers to make a rational choice. As it is today, it's squarely in the malicious, abusive zone.
It's impossible to block all ads and trackers, especially now that so many people load vital resources from CDNs controlled by the tracking companies. With something like AdNauseam you add noise to your actual browsing so that it makes the data about you less valuable. If everyone were to use it suddenly no one would pay for the data and since it's no longer profitable it would stop. At least, I assume that's the theory.
> especially now that so many people load vital resources from CDNs controlled by the tracking companies.
I've been noticing this trend. I have a pretty extensive hosts file and this one site I visit started displaying ads. I had to double check to make sure my hosts file was correct and it turned out that they were saving the ads from their own CDN.
The advertisers don't mind paying for disruptive, intrusive, battery-draining, bandwidth-consuming, rich-media advertisements, so I don't mind draining their wallets.
You just said, "The sites I visit don't mind receiving money for disruptive, intrusive, battery-draining, bandwidth-consuming, rich-media advertisements, so I don't mind draining their wallets."
If there's someone who makes content you like to see, why don't you mind draining their wallet?
If there's someone who makes content I like to see, I purchase their merchandising, books, courses, assist to their events, etc., that's pretty simple.
Why support the middle man who just makes the Internet a worse place when you can directly support an author's efforts?
The advertisement business model just exists to justify the existence of low quality content.
It's precisely only messing with metrics, it just so happens that one of the metrics happens to be the one you agreed to use as basis for your payments. ;)
If google bans legitimate publishers, then the advertisers move elsewhere.
Also, increased click fraud on tracking ads lowers their attractiveness, nudging ad revenue toward sites that serve display ads targeted to their content.
This helps funnel money to sites that produce high quality content and away from low quality sites that happen to attract users that view high quality content elsewhere.
Advertising networks create profiles of users based on online activity including searches. It's called profiling. The ads you see are relevant to your interests as it is described in your profile. By randomly clicking on ads you render the profile irrelevant.
Yes and no. If you don’t click on ads you make advertising irrelevant but they’ll still keep collecting data on your behavior. Sure in the long run if everyone stopped clicking on ads it would be game over for the whole advertising industry. But in the meantime we can wreck havoc on their tactics.
The users of this extension have a clear case of the "I'm allowed to poke the dog with a stick, but the dog is not allowed to bite me" mentality, so it's a complete surprise to them when it happens.
If you're not browsing youtube with the extension enabled, I'd expect that Google refrains from using that completely unrelated customer relationship to fuck you over for using an extension they don't like. It's like if the city arranged to have your publicly-managed utilities cut off because you're fighting them in court over a traffic ticket, only I guess a bit less critical.
more like "I'm allowed to defend myself from the attacking dog by using the stick." I'm not surprised they want to take my stick away, but that doesn't make Google's actions any less shady.
The dog, in this case, is protecting their property. They're not in your yard, you're in their yard. So get out of their yard if you don't like the dog.
Maybe the dog in this case is protect people's incomes, but they're not a regular guard dog in the sense of protecting from intrusion. More like they're out in public, begging for food. Oh and some of them might have rabies.
> So get out of their yard if you don't like the dog.
I would if I could!
But we are not in a yard. We are in a public area, where I was walking along minding my own business and the dog came up and started barking at me. I never wanted to interact with the dog in the first place. He intruded on my life.
If it's publicly available then it's public, otherwise it's just deep web requiring authentication which is not public by any means. WWW was designed to be public, if you don't believe me you could ask Tim and "World Wide Web Foundation, which seeks to ensure the web serves humanity by establishing it as a global public good and a basic right." (http://webfoundation.org/about/sir-tim-berners-lee/)
What Tim Berners-Lee aimed to do is largely irrelevant, it's how it works in practice that matters, and in real terms, it's not public space. You can be banned by the owner with no rationale, or access could be restricted behind a paywall with no notice, or content you contribute could be deleted with no notice.
The World Wide Web Foundation has no particular standing and no authority on what actually happens on the web.
Shitty metaphors are shitty. It doesn't detract from my point. I'd avoid using Google if I could, but they seem dedicated to interacting with me even when I go out of my way to avoid them. I'm not going to accept that I'm the bad guy when I try to fight back.
A friend of mine studied abroad in Cuba. There were wild dogs everywhere. One of his roommates was shocked at their treatment. She would feed them and try to pet them, until one day she was bitten.
So maybe it's OK to poke them preemptively, to keep them at a distance.
I believe there's a saying in the Caribbean: "Feel sorry fi maga dog, him turn roun' bite you."
They fall into the gap where the most humane thing to do would be to kill them, but they aren't quite dangerous enough for anyone to do that without feeling bad about it.
In the context of ad networks, they do need to be burned to the foundations and rebuilt better, but no one can stomach hurting anyone that currently needs them.
Wikipedia summarizes fruad as "In law, fraud is deliberate deception to secure unfair or unlawful gain, or to deprive a victim of a legal right." The user does not unlawfully gain and the ad provider doesn't have a legal right that's being infringed on here.
Some legal resource I found online says that in the US fraud requires: (1) a false statement of a material fact, (2) knowledge on the part of the defendant that the statement is untrue, (3) intent on the part of the defendant to deceive the alleged victim, (4) justifiable reliance by the alleged victim on the statement, and (5) injury to the alleged victim as a result. [1] Note that "material fact" here is a legally significant phrase, and implies a written agreement or some other mutually agreed to terms that establish the expectation - which never happened between you and the ad provider.
No matter how you slice it the user of ad nauseum is not committing fraud. This misinformation needs to stop.
The user is using an extension that, on their behalf, is directing the browser to request content, acting as if the user had clicked on an ad.
(1) a false statement of a material fact
The extension is telling the site, "I am this browser (user agent), requesting this content (what's behind this ad url), who clicked on this ad (calling the onClick handler of the element that has the ad."
That's not true. The user did not click on the ad.
(2) knowledge on the part of the defendant that the statement is untrue
The user knows they did not click on the ad.
(3) intent on the part of the defendant to deceive the alleged victim
Everyone in this thread is saying it's to confuse the metrics, and some are saying it's to purposefully take money from the advertisers.
(4) justifiable reliance by the alleged victim on the statement
The vast majority of HTTP GETs to URLs that are only found as href on Ads are requested because the user clicked on the Ad in their browser. Can you name even ONE other time a browser follows the onClick event on an Ad?
First, a GET request is in no way a statement that the user intended to view an ad: is accidentally clicking an ad fraud? Of course not.
Second, a GET request is not even an indication that the user clicked on some element. It's not even a statement that the user requested a particular resource. Indeed, when the ad itself is requested you could hardly call that user-requested; if your analysis were correct I see no reason we couldn't extend it to say that ads themselves constitute a fraudulent statement that "this content is something you requested".
Third, even if a GET request amounts to a statement of user action (if not intent), adnauseam's actions do not constitute a false statement of user action/intent. There are lots of ways to activate the default onclick handler; physically pressing a mouse button is only one of them. Trackpads and touchscreens are other ways; are they fraudulent? Keyboard shortcuts and other keyboard navigation are yet more, are they fraudulent? No, of course not, since they accurately represent user actions. Installing adnauseam is just another method of performing the same action, clicking on ads. It accurately implements the intent of the user, more so than clicking, which can be accidental.
IANAL, but based on your own criteria, without a false statement of material fact there is no fraud.
>The extension is telling the site, "I am this browser (user agent), requesting this content (what's behind this ad url), who clicked on this ad (calling the onClick handler of the element that has the ad."
>That's not true. The user did not click on the ad.
I said in my comment:
>Note that "material fact" here is a legally significant phrase, and implies a written agreement or some other mutually agreed to terms that establish the expectation - which never happened between you and the ad provider.
It's not the GET I have a problem with, it's the fact that you're following the onClick, as though the user did in fact click.
And you left a YUUUGE amount of ambiguity there, intentional or not, when you used the word "implies."
I don't know how the courts take things like "Click here if you agree to the terms" on an online form, but I don't think you've closed the door on my argument, yet.
Thanks, Google. I'd never heard of this extension before now and had often wondered in the past why no one had thought of this strategy to screw with online tracking and data collection. The free PR is great, and now AdNauseam has another new user. :)
Because Google is not "the man" in this scenario that you're sticking it to - it's the website owner whose content you're consuming. Google gets paid either way, and AdNauseam is pennies on their dollar. Webmaster however, depend on advertising revenue to keep publishing.
Google is not the one we're trying to "stick it to". They are far from the worst player in this space. Moreover, AdNauseam is not meant as a surgical strike against some player in particular, but as a carpet bombing of the whole ad scene. Which, IMO, totally deserves it, and the collateral damage dealt to some publishers is totally worth it.
> collateral damage dealt to some publishers is totally worth it.
Said a clown before the rodeo.
The collateral damage is putting small independent publishers out of business and reinforcing monopolies in publishing. If you think tracking is going to be less pervasive by knocking down the little guys, you are sorely mistaken.
> ‘We know your dark secrets. We know everything.’ - Steve Huffman from Reddit
When all that's left is Reddit, Google, and Facebook - the collateral damage is the same thing you're trying to protect.
It seems this extension could be tweaked to only operate on sites with high Alexa rankings or similar to avoid this problem. That would probably be a good idea, because you make a good point.
Or, it could even have two "modes": a "carpet bombing" mode for high Alexa sites that clicks everything, and as you decrease in popularity, it increasingly begins to simulate real user behavior.
That would simultaneously disrupt the system for the big players and, hopefully, get extra revenue for the little guys.
The extension is trivial to customize if you'd like to employ it in a more discriminate fashion. Many people already whitelist sites they care about in their normal adblock extensions, this one is no different.
But more importantly:
> If you think tracking is going to be less pervasive by knocking down the little guys, you are sorely mistaken.
I believe the only way tracking is ever going to be less pervasive is when tracking simply doesn't work any more. Nothing short of widespread technical countermeasures will ever convince these people to back off, so I will gladly do anything I can to make their data as worthless as possible.
Monopolies in publishing seem to depend much more on ad revenue than small, independent publishers - who tend to utilize solutions like Parteon, fundraisers, donate buttons, referrals, sponsorship or just plain old self-hosting like in the good old days. There are plenty of alternative strategies available to players big and small, and the only thing I can see dying off is all the crap that the Internet drowned in since people started monetizing eyeballs.
Well, I just spent the the past hour or so installing Firefox, setting it up with my preferences/imported bookmarks/extensions, and uninstalling Chrome.
In the grand scheme of things, I know it probably won't make a difference, but I still recommend anyone else who is angry about this to do the same. It at least gives you some satisfaction in taking back a little bit of personal control from Google.
I think FF addons also need some more love this year. Was thinking of a low-hanging-fruit issue aggregator for FF plugins like this one https://github.com/spring-guides/issue-aggregator. Would you be interested in using such an aggregated list of bugs?
Yeah I just installed it as well and it's fun seeing all of the content that gets clicked on. Searching on Google shows at least 15 ads clicked/blocked. No wonder they hate this extension!
I heard about it before, but wasn't really motivated to check it out. Just installed it in Firefox and it seems to operate as you'd expect. This might be an opportunity for Firefox to regain some market share.
On the brighter side, AdNauseam got a lot of publicity due to the ban and will get even more. AdNauseam got acknowledged by Google as being dangerous to their business model. This fact is very good, in my opinion.
Personally, I first heard about this extension a month ago and didn't pay much attention to it then. Now I want to install it.
By clicking on the ads automatically, it seems like Adnauseum actually supports the underlying website (which earns $$) while also performing the function of muBlock. It is currently the best of both worlds!
I would like an AdNauseum type interface for video.
> By clicking on the ads automatically, it seems like Adnauseum actually supports the underlying website (which earns $$) while also performing the function of muBlock
That theory works until someone notices that the extra clicks aren't leading to anything else, complains about click fraud, and then the website is penalized with fines, account suspension, etc. That small site likely won't even have the resources to defense themselves effectively.
There's also an interesting security question: do you really want to automatically click on the next zero-day deployed through an ad network?
If the only reason Google have banned this from the Web Store is because it violates the Single Purpose Policy (https://developer.chrome.com/extensions/single_purpose) - i.e. Blocking AND Clicking Ads, then an interesting test would be to split the extension in 2 - One extension to block all ads on the page, and one extension to click all ads on the page. And then see if they are then both accepted into the store. And as this is a fork of uBlock, you don't really need the first extension - Why don't they just develop an extension whose single purpose is to click all ads on a page and recommend users also install uBlock?
How confident are people that it's not actually functionally malware?
If it's simulating clicks on every ad, what is its mechanism for protecting a user's client from ad-delivered malware that has now been activated without the user's knowledge?
I find it interesting that this particular Adblocker is being removed, while countless others remain. I suspect that other adblockers like, say, ABP or UBO, are less damaging to the agent fingerprint than an adblocker that clicks everything.
AdNauseam silently clicks the ads as you mention, so they're actively messing with Google's ad statistics. If I was Google, I would consider it an attack too.
Then why doesn't Google find some terms or change their terms or policy that clearly indicates why they are taking down the extension? It doesn't make sense to mislead the extension developers by giving them a nonsense reason for taking it down. Obviously, they believe the extension is destructive. So, they should use that as their rationale in taking it down.
It is an attack on Google, but if they want people to perceive Chrome as benevolent, they must leave this extension alone.
By blocking the extension (and, no less, actively removing it from places it was already installed!) they just reveal that the Chrome store exists primarily to serve their own interests and is not for the benefit of the user.
Is it just ad statistics, or is there actually risk to the client in having the extension silently forwarding client-side information to any page content that politely asks for it? Feels like that basically circumvents XSRF protection, right?
We may be overthinking this. Google may have blocked it as malware because it's malware, even if it's not intended to be.
It appears that AdNauseam is based on uBlock Origin. So giving the extra middle finger to advertisers does not mean giving up on first class ad blocking capabilities.
I don't think I've ever personally clicked on a Google Ad - they appear to me to only a combination of spam ('unwanted ads') and tracking/surveillance implements.
I don't own an Android Phone (any cellular phone, since the Snowden Documents disclosed mass domestic surveillance programmes). So I can't use AdNauseum. I do, however, run similar software on my laptop and I would have used this software or something similar to it were I to own such a device.
One of the reasons - above and beyond GPS tracking databases and my information from cellular phones going into HUMINT and propaganda databases - is that the phones and tablets I've used haven't been sufficiently owned by me.
Google/Alphabet's willingness to uninstall software on user's devices is an example of this: their terms of agreement lay out conditions equivalent to their partial ownership of your device, and your limited ability to own and control the device for yourself.
As many have pointed out, Google could handle this in their end and avoided pissing off a small but well defined group of users/developers. My guess is that they decided it wasn't worthwhile because they have some privileged ideas about the direction web marketing will be taking in years to come. As user behavior tracking and analysis techniques become more refined, ads won't be needed as much as they are now. Instead, ads will be placed in high impact areas/sites, and the intel to decide who sees what ads will be acquired even from sites with no ads. Better UX, deeper knowledge of users, simpler monetization strategies for publishers. Sure, it will be even more invasive of privacy, but it won't _feel_ that way to most users. This will require heavier use of NLP and ML, two things Google devotes a whole lot of time and money for.
In general I'm okay with websites saying, "hey, if you block our ads, we don't want you using our site". I think only a few big sites are doing that so far, typically it's not the kind of site that I'd be sad over.
If it was more prevalent, eg. if Google somehow managed to arrange for all sites serving Google ads to stop working if ads are blocked, that'd change the dynamic. Ultimately it's not gonna lead to me clicking on any more ads and then buying people's stuff, so I don't think it's in Google's interest, but it'd be interesting to see.
I would first argue that being able to detect the presence of specific extension(s) is leaking too much information about the client to the website but that's probably unrelated.
In principle there's no problem with sites that refuse users that don't view ads, I don't visit them, but I take no issue with them.
However, if I request a remote resource from your site and you transfer it to me, you have no say in what my client chooses to do with it.
Do you think it is unethical, immoral, or should be illegal to pay someone to clip the ads out of a free magazine before I read it?
If the website was one I liked and actually wanted them to get revenue, I would white list them in the extension. I do this on rare occasions when I find sites I really like that object to ad blockers. Usually, though, I haven't been allowed to see their content so no harm done. I just go find something else to click on.
Question: I'm not a web dev, Ive never heard of this. I currently use adblock plus and privacy badger. Does this do what they do? Would it be a good idea to install them all? If not which solution do you think is the most hardcore in terms of privacy. thanks!
GP should have asked "Who uses Chrome AND is privacy conscious enough to be interested in this?" Those demographics shouldn't really overlap much. It's like making a product for people who like hanging around in a casino but don't like gambling.
They do overlap. I'm privacy conscious but I feel myself forced to use Chrome because the alternative, Firefox, has subpar security features (no sandbox, no process separation) and terrible performance.
They're just recruiting based on specific search terms. It's not your search data or related to your browser. If you find a search term that pops up the recruiting message, you can send it to your friends and they'll be able to get it to appear as well.
Perhaps because it was costing them money and making their tracking data less valuable. Perhaps if AdNauseam stopped the clicking portion the ban would be lifted.
Making their tracking data useless is kind of the point of the extension. Obviously it's well within Google's interests to stop people using it. I guess if you're privacy minded it's probably best not to use a browser made by a giant ad company.
I'm not sure how I'd feel if something like this became widespread and I was paying Google for clicks.
Well. I guess that's the point. But then surely it's fairly understandable for Google to try and stop them - at least on their own turf?
Google doesn't fund Chrome out of a sense of altruism - they want to have control over those aspects of the web-browsing ecosystem that potentially threaten their bottom line.
And here is that strategy behaving exactly as it should. You want the stuff Google has paid to build? You probably have to accept that "I want to automatically hide and click ads" falls under the banner of "maybe you should use a different browser then".
This is MY user agent, not google's. I should be able to install whatever the fuck add on I want on it. Removing the add on from computer where it was already installed is incredibly user hostile.
So I installed Firefox and adNauseam on it. I was not a user before.
I hope that means what they're doing is effective and this publicity leads to wider adoption, then. The current form of user-data-vacuuming advertising and the business models it enables are the worst things to happen to the Web certainly, and probably to consumer computer tech more generally. It can't die fast enough.
I assume AdNauseam's random clicking is viewed as click fraud[1] by Google. Then, I'm guessing click fraud falls under the "Interfering with Third-party Ads and Websites" section[2] of the developer policy.
Edit: Hmm, below is correct. The "single purpose" policy is pretty hard to understand, and the reason Google gave for banning it. The policy above would seem more applicable.
A policy of not "Interfering with Apps, Third-party Ads, or Device Functionality" in the Chrome Store sounds like it'd outrule every adblocker.
The description of that rule also doesn't seem to apply: "Ads associated with your app must not interfere with other apps, ads, or the operation of the device, including system or device buttons and ports." It's specifically under the ads section of the policy.
I'm not sure the policy applies in any way to Chrome either: "...ensure that together we continue to deliver the world's most innovative and trusted apps to over a billion people through Google Play." EDIT: The link has been changed and now points to the equivalent Chrome Store policy. My other 2 points remain true though.
I was just trying to guess their underlying reason.
I can see, however, a view that "not loading" an ad doesn't qualify as "interfering" with it...but clicking on it for the purpose of disruption is considered "interfering".
Also, I updated the link to point at chrome extension policy vs app store policy. The wording is similar.
You're right that the wording is similar for the chrome extension policy. The section about interfering with ads is still under "Ads in Chrome Apps & Extensions" and the wording for the description is "Ads associated with your app or extension may not interfere with any ads on a third-party website or application.".
It's still clearly referring only to ads that are part of an extension, and AdNauseam obviously doesn't have any so it can't be the reason.
I ctrl+f'd ads to see what else they say, it's almost all in that section that doesn't apply but one thing that came up was "Impersonation or Deceptive Behavior" under Content Policies which contains the wording " Products or the ads they contain also must not mimic functionality or warnings from a user's operating system or browser". I wonder if that could be argued to apply - mimicking click functionality?
Ahh, yeah. So they only specifically care about interfering from an extension if the extension's ads are interfering.
I guess they just invented this "single purpose" policy to be able to ban things without coming right out and saying "you're hurting our revenue stream" :)
There must be someone from legal that's advising them not to ever say anything specific about extensions that mess with ads.
I never switched from Firefox. It had more of the tools I needed and at the time, Chrome's plugins architecture didn't allow sidebars at all.
I also hate how Google took pieces of WebKit and Gecko and smooshed them together into a closed browser (which they only opened up later). Granted WebKit was gobbled up from KHTML, but at least Apple expanded on it and contributed back, at least initially.
If Google where clever they would welcome this as creative destruction and search for a way to diversify there revenue stream mono-culture. But they cant, because they are the gold standard, and everything new will look like dirt besides the dairy cow that keeps the comfy live afloat. Thus google has become Microsoft, and Microsoft has become Google, the cycle is complete.
All "hobbyist" projects, gunned down before they could be taken by the likes of elon-musk to the runway.
For you shall not have other power-cores in a company, beside the one.
What point did we begin to feel entitled to do whatever we want in someone else's software?
If someone wants to kick you out of there house for no reason, you leave their house. You're not paying to be there, you're not paying to publish there... you have no intrinsic "right" to be there... you were there as a privilege - when it disappears, for whatever reason, there is no reason other than a false sense of entitlement to whine about it...
> there is no reason other than a false sense of entitlement to whine about it
So the rest of us shouldn't be aware of what Google is doing and base our choice of browser on that?
I agree Google, Apple, etc. are absolutely entitled to kick people from their stores for whatever reason they want. But, we should also be informed of this especially when it seems to be based on self interest rather than protecting their users.
If you act like you're running your house for the benefit of the public, don't be surprised if people get upset when you start throwing out people you don't like.
AdNauseam is silently clicking ads. This directly costs Google money. Google happens to control the extension web store for their own browser. Removing it from the store really isn't that bad. Uninstalling it from existing browsers as malware? A little more malicious, but I would still consider it self defense.
There is even a method to install it directly[1] which AFAIK Google has not blocked.
Granted, if Google were not both running the browser and the ad network, these actions probably wouldn't have been taken. But the whole attitude that this is some sort of tyrannical thing is a little over the top.
1. https://github.com/dhowe/AdNauseam/wiki/Install-AdNauseam-on...