Blockers will win the ad-blocking arms race

Ad-blockers begat ad-blocker-blockers, which begat ad-blocker-blocker-blockers, with no end in sight.

But a quartet of distinguished security researchers from Princeton and Stanford say that the blockers will win in the end -- publishers will not be able to make their ads unblockable, nor will they be able to detect whether their ads were blocked.

The researchers start from the assumption that advertisers and publishers will have to put up with some constraints on their tactics, lest they be accused of deceptive advertising practices. They also leave an open question of whether publishers will be able to successfully sue ad-blocking companies -- which would mean all bets are off.

In this paper we have presented an approach to ad blocking which is radically different from current techniques. Current ad blocking is based on the laborious process of creating filter rules and is easily disrupted by obfuscation implemented by publishers. In contrast we take a principled approach to the problem and present solutions that are easier to implement and harder to evade. Our work refutes the belief that the battle between publishers and users is leading to a permanent arms race between the two parties, and presents a much more nuanced picture.

Ad blocking is an important area of study for the security community. It combines old techniques from the domains of malware and program analysis with some new concepts such a mimicking human behavior. There is a significant need for follow-on technical work into the expansion of techniques that we have introduced as well as a debate on the ethics of ad blocking.

The future of ad blocking [Arvind Narayanan/Freedom to Tinker]

The Future of Ad Blocking: An Analytical Framework and New Techniques [Grant Storey, Dillon Reisman, Jonathan Mayer and Arvind Narayanan/Randomwalker]o

Notable Replies

  1. advertisers and publishers will have to put up with some constraints on their tactics, lest they be accused of deceptive advertising practices.

    This fundamentally mischaracterizes the direction of the ad industry, which has already moved into advertorial, sponsored content, embedded, experiential, etc. Publishers and advertisers are clearly not worried about any such accusations.

    There's no ad blocker that's gonna be able to hide BB's bicycle playing cards ad-posts, for example.

  2. Speaking of which. I've been getting an increasing number of malware loaded redirect ads on boing boing. And horrible sluggish pages due to ad weird. Unfortunately it always seems to happen in a non-active tab so I can't catch which ads are on the page. It seems to happen to every page provided I keep it open more than a few minutes. It'll either chug, or a "windows needs to save you please click this button to ruin your computer" type pop up and redirect loop steals focus.

    I really don't like the idea of an blockers. I want the places I visit online to get that ad revenue. But this crap is everywhere. And it's starting to get old.

  3. Sqarr says:

    As far as I'm concerned, online ads are too much at risk of being dangerous to my security. Until advertisers straighten their shit out and stop being invasive fucking assholes, I don't care what pain they feel. My computer is not yours to fuck with.

  4. The thing that really pisses me off about this kind of thing -- especially WIRED: I don't use an ad-blocker, and I still get that message.

    What I do do is browse in incognito mode. So it's not enough that I allow them to show me ads. They wont let me access content unless I allow the ads to track the hell out of me. That's not right.

    (My work-around is to have a specific "Anonymous" profile in my browser that I pull up if I need to go to wired or sites like that; the profile deletes all the cookies on exit, so I don't get tracked session-to-session.)

Continue the discussion bbs.boingboing.net

152 more replies

Participants