Monday, May 4th, 2009
One of the dirtiest secrets of the Internet is that it runs on ads for monetization. All of us who surf the web and use systems had lots and lots of free lunches because of advertisements being shown on web sites. The only difference to TV is that they are less obtrusive and you can choose to ignore or skip them (for now).
Self-righteous developers who do not quite grasp this dirty secret use all kind of tricks to remove adversiting from web sites they surf. This could be because of not wanting to support the corporate machine but also because of security reasons. Ad code on the internet is dire – it is built to support every possible imaginable environment and work around restrictions of setups – the ads need to show, no matter what.
Basically there are two extensions for Firefox that allow you to get rid of this potentially dangerous but definitely annoying code. Ad Block Plus specifically targets advertising and removes it and NoScript goes much further by blacklisting all scripts and asking you as a user to allow what you want to allow.
NoScript had ads on their homepage (which gets loaded in your browser every time it gets upgraded, which is quite often) and the problem was that AdBlock Plus would block these – after all this is what it was built for. What people found out is that a build of NoScript actually detected the presence of AdBlock Plus and added its own homepage to the whitelist of AdBlock Plus programatically (the code that did this was obfuscated).
This poses some interesting questions:
Is AdBlock Plus a useful tool, if it can be changed that easily? On the other hand, seeing that the community found out the change this fast is a good sign.
Are changes to other installed software OK if the software that does it is free and makes the web a safer place?
Are free extensions a safe and useful way to battle unsafe advertising or is this the job of browser vendors?
What do you do about malware and ads on web sites?
Posted by Chris Heilmann at 11:04 am