A secure standard for ads. Right now reputable sites are running ads from people they shouldn't trust, and getting bit in the ass by it. Popups, page takeovers, even viruses get distributed through ad networks and end up on non-malicious sites.
None of that should work. Ads shouldn't be able to inject their own JavaScript into a page. There's a technical solution to that problem.
Let's narrow down the scop of things an ad needs to do (display an image, maybe play sounds and videos (after user clicks on them), and send back a reasonable amount of tracking data, etc). Then let's come up with a sandboxed DSL for ad networks to specify their ads. Web sites could embed those ads inside an <ad> tag that sandboxes that content and makes sure only supported functionality is being used.
Then I can turn off my ad blocker and not have to worry about all the security issues that unscrupulous ad providers bring with them today.
None of that should work. Ads shouldn't be able to inject their own JavaScript into a page. There's a technical solution to that problem.
Let's narrow down the scop of things an ad needs to do (display an image, maybe play sounds and videos (after user clicks on them), and send back a reasonable amount of tracking data, etc). Then let's come up with a sandboxed DSL for ad networks to specify their ads. Web sites could embed those ads inside an <ad> tag that sandboxes that content and makes sure only supported functionality is being used.
Then I can turn off my ad blocker and not have to worry about all the security issues that unscrupulous ad providers bring with them today.