1. They say it's legally not click fraud. To me it sounds like regular fraud: "deception to secure unfair or unlawful gain, or to deprive a victim of a legal right". I'm not concerned with breaking the law I just don't want to act in the spirit of it.
2. This could hurt small startups that are very carefully managing an ad budget. They say the market will adjust, but until it does small startups take a hit. People we know.
3. I dislike activism without clear objectives. I see no list of guidelines here or good behavior that companies could adopt to immediately place them on the side of the good guys.
The goal highly specific. It is to make Internet advertising artificially expensive, and it is to make harvested data about users inaccurate.
There are no "good guys" on the other side. People shouldn't track me, that one's obvious, but they also shouldn't advertise at me, ever.
Human attention is extremely valuable, by far the most expensive commodity on the planet. If advertising companies want my attention so damn bad, they can pay me ~$65000 a year for it, same as my employer does. Otherwise, they can piss off.
I'm shopping for a $1.3M turbine part. It will look nice next to my hand made tibetan merino wool cat stand that I am also shopping for. Of course my eyeballs are worth $1000/minute. Why do you ask?
As mean as these guys are, they could be a lot worse.
Anyway, kudos to the extension authors!
Agree. I think it's unfortunate that so much of the debate around advertising, especially from many on the side of ad blocking, focuses only on the evils of tracking and privacy erosion. This project does it too. From their FAQ: "It is not advertising we are protesting, but advertising insofar as it represents a dominant means of tracking users without their consent." But advertising itself should be protested. I don't know why so many shy away from that. I've been working on a project to promote ad blocking. It's been discussed here on HN before, but I'll link to it anyway. https://blockads.fivefilters.org/acceptable.html
Where in the spirit of the law is the ability to surveil consumers reading choices in order to influence their spending enshrined? It just emerged when people realized that the information was valuable.
There were similar projects involving sharing customer loyalty card numbers for grocery stores, and I never saw the argument that sharing your card number with others was fraud.
I think you are seeing that if consumers protect themselves against this type of surveillance then the lazy (and cheap to measure) metric of clicks becomes a less effective metric for measuring advertising placement value. It exposes the fact that those measuring this were barely providing value to advertisers and publishers in the first place. That doesn't make it fraud, that just inconveniences a large industry that pays a lot of bills. Those are very different things, both ethically and legally.
As to 3, this has clear objectives, they are apparently just much farther reaching than you are comfortable with or agree with. I get it, I worked in the online advertising ad network business for many years, however I never fooled myself that this business was anything other than an unethical anti-consumer endeavour. That's why I don't do it anymore.
If anything prosecutors should start with the rampant fraud being committed by companies in the online advertising space before they even think about looking at consumers.
FTR: I don't use AdNauseam because I'd prefer to nuke trackers and ads alltogether, but I'm supportive of the project.
So at the end of the day there is still no viable alternative to advertising supported content. Kill advertising and you'll take the content with it, because many of the content producers and curators won't waste their time for no return.
I don't like ads, but I like my free content, and ads are an acceptable way of financing it.
Edit: I get that some of you really don't like ads, but the quality of comments here is abysmal. You guys are living in some kind of dreamland if you think you can just kill of advertising and not lose something in the trade off (PS imagine a world with no Google, Facebook, Twitter, Instagram, Snapchat, etc.) I honestly expect more intelligent commentary from HN, consider both sides of your argument.
What is your preferred method of paying people on the internet for their content? Do you think that micropayments would be a valid way to deal with this compensation gap?
There is absolutely no criminal or civil statute nor legal principle in any American or European jurisdiction that binds users to respond to advertising in an accurate or forthright way.
To have such a law on the books would be utterly ridiculous: how could you ever prove in court that I did or didn't properly reflect my forthright intentions when I clicked on a "one weird trick" advertisement? And under what possible principle could I have implicitly contracted to give you an honest assessment of my interest in your advertisement?
Your proposition is perhaps one of the most insane ones I've ever heard argued about advertising, because it claims that you not only have a contractual right to knowledge of my consumerist tendencies, but -- amazingly -- that you believe that contract is with society writ large (i.e. where breach is a criminal fraud) rather than with you (i.e. civil breach) as a service provider.
There isn't a god-given right to make money via your chosen business model. Ads are a sleazy way to make money, and if you choose that, you should pay the consequences. Appealing to "people we know" as if that makes their behavior better? Ugh.
> 3. I dislike activism without clear objectives. I see no list of guidelines here or good behavior that companies could adopt to immediately place them on the side of the good guys.
I can't speak to the goals of everyone who is anti-advertising, but my goals here are:
1. Users should be customers, not products, so that companies act in the interest of users, not in the interest of other companies.
2. Users' attention should be respected, only giving users content they ask for.
3. Companies should create products users value enough to pay for, and compete on quality, rather than competing on how many users they can shove idealized presentations of their product (often outright lies) in front of.
> 3. I dislike activism without clear objectives. I see no list of guidelines here or good behavior that companies could adopt to immediately place them on the side of the good guys.
Analogy time. A guy sits outside my house with a camera, making pictures through a 10cm slit between the curtains. I come out of the house, take his camera and smash it. Vandalism? Don't think so. Activism? Not really. Basically, this is just self-protection. Preventing this from happening in the future (or at least making a good attempt at it).
I'm all for helping fellow startuppers, but no part of me feels that startups that buy ads are an endangered species worth nurturing. The whole ad model leaves the world worse off, and it sucks that startups are left with no option but to participate in it.
Legally, you might get Tortious Interference pass the laugh test, but who is interfering? The author (if they're cautious) isn't running it, so you're likely looking at RIAA-style fishing for IP addresses for random people who installed the plugin and contributed a tiny amount, and we've seen that show already[1].
2) It could. Things have hard-to-predict effects. I see no reason why I should weight small startups as more important than the set of everyone disgusted by the invasion of every metaphorical orifice with surveillance tentacles.
3) Good on ya.
I don't know if I'm going to run this plugin or not. But this is exactly the sort of thing needed to level the playing field between the commercial surveillance shops (Facebook, Google, the other ad shops, on down the spectrum to phishers and other outright criminals) and actual humans.
We know that any form of legal or illegal online surveillance that has a chance of being commercially self-sustaining will be at least trialed. This has been demonstrated repeatedly. Legally, this is difficult to address sensibly because of the mismatch between the legal system speed and the tech-landscape speed (not to mention the inevitable unintended-consequence shakeouts, and the slowness of general wisdom in times of change). And that's even if assuming the Powers that Be want to address them, which is unlikely in the U.S. while a con-artist setting the agenda.
So that leaves making as much of the surveillance business model untenable as possible. I don't know what the right approach is, but it will likely be one that involves feeding the watchers lies.
I really don't like pissing on other people's work. But if that work is dedicated to things that make my life worse, I retain a right to, among other things, lie to their creation out of self-defense. It is that simple.
Random, related aside: I'm unlikely to have time to make this happen, but one thing I've thought would be fun is to see about how tricky it would be to repurpose some test equipment to be, say, a whole herd of Bluetooth phones[2] taking a walk by those iBeacons. Being more subtle would likely be a lot more fun, depending on the target, and would serve as a useful reminder of what 'unlicensed spectrum' means.
[1] Spoiler, here's the ending: https://popehat.com/2016/12/16/the-prenda-saga-goes-criminal...
[2] What's the collective noun for phones?
I suppose it wouldn't. You probably wouldn't even need to leave home more than once - to read beacon data with a BLE debugging tool like nRF Connect. BLE beacons are broadcasting devices - they don't talk with your phone, they're just shouting "I'm here"! All data the vendor can get must come from an application on your phone. Hence, just capture what it's sending, fire up a VM cluster and have fun.
Hell, I might try doing that one of these days.
Internet advertisers are almost 100% reprehensible and fully deserving of what happens to them. They've spent years pissing in the pool, there is zero reason they shouldn't be force-fed the results.
The key moral argument in play in this entire matter is: "fuck these people and fuck everything about them." I owe advertisers nothing. They are loathsome abominations and have turned the Internet into surveillance capitalism malware soup. Causing them pain is pretty much an ethical obligation.
(BTW, I was surprised and pleased AdNauseam didn't act against Project Wonderful, the closest I've seen to a non-reprehensible advertising network and one I unblocked specifically in uBO. But the rest can frankly go and get fucked.)
They are actively poisoning the internet in more ways than one.
They had their chance to work out better ways to advertise, and they instead redoubled assaults on attention.
This is getting installed on all of my browsers on all of my PCs. If your startup is advertising based, find a different model, or do without my business. I have no obligation to help you fund yourself or use your product if I find the monetization model insidious.
If they are small enough, niche enough, or entrenched enough, then it sometimes seems to work for a limited time. Personally I don't find it a major threat.
Keep a list of identified writers/writer 'styles' that are penned by fraudsters. Like easy-list is for ads.
That'd be the only way to clean up to the net. For a while at least.
For example one use case is collection of news. My app looks almost like a typical RSS feed reader, except that article content is full and interactive. I can inline stupid image galleries that break article flow, I can convert custom video players into a simple <video> tag, I can drop what I don't care for. I can switch between tor/non-tor mode in a secure way that doesn't leak anything and is probably more secure than torbrowser.
I have direct access to any OS programs, so I can easily open m3u8 videos in mpv player on one click or using a keyboard shortcut, or I can download streaming videos locally and convert them to mp4 on the fly, save useful content of the pages to the database, including relevant images, etc.
All JS code is controlled by me, web servers serve me only as data sources.
What is key to make this fun and useful is structuring the app as a unified UI for multiple data sources and to be able to define data sources quickly. Fortunately ES6 generators can be used in a way that makes fetching and transforming data without the need for callbacks, or promises very easy and clear. Adding a new source is usually a matter of minutes.
It is also nice that when improving the UI, I get a new feature for all the websites that I frequent at once.
It allows me to consume content the way I want, without much exposure to tracking. All the website gets from me is an access_log entry, no cookies, nothing.
I'd say I'm quite ahead of the "war" between users and advertising networks.
That, and finally write a decent Hacker News suite for Emacs.
Odds are that this addon doesn't actually trick the major advertisers whatsoever.
1. Any user/session that is seen clicking many ads across many different domains will quickly have their entire history ignored. You can bet that if your browser is seen clicking 1,000 ads across 10 domains in one day, that your assault will be completely ignored and have exactly zero effect against the network or its advertisers.
2. If the addon manually triggers click events on hidden elements, then the ad network likely has javascript detecting these clicks as invalid and ignoring those impressions. a) Any element that is not visible on screen has events ignored - it will check for display:none, visibility:hidden, as well as common off-viewport positioning, transparency tricks, etc. b) When you manually trigger a browser event on an element, no event object is passed to the event handler, meaning those events are easy to detect and dismiss.
Networks aren't guaranteed to implement #2, and any implementation may not be very sophisticated, but I'd bet a good penny that there is at least a basic client-side line of defense. If you manage to outsmart the client-side implementation, you're still very unlikely to outsmart the server-side analytics, where people who live and breathe this industry have spent over a decade writing software to analyze every ad click, specifically to not be fooled by such a naive attempt to hurt their business.
... who will then have to revert to a more sane monetization scheme, which doesn't mess with their visitors' data.
From the perspective of the ad network:
Lower click quality drives up the merchant's cost of sale (COS). Sitting between the merchant and the publisher, the ad network tries to balance this out, by
- mixing good and bad traffic sources
- encouraging the merchant to spend more money
so they can buy better traffic and/or rank the offers higher on their publisher's sites
- punishing the publisher for sending bad traffic by lowering the amount the publisher is paid for each click
- filtering out extraordinarily bad traffic
I do not see the direct benefit of this for the end user...
(1) for example by paying more money to antivirus providers to send your browsing habits their way.
edit: formatting
The hope is that publishers will understand why they're getting hit by the collateral of the fake-click barrage and move out of the blast range by changing their ads into unobtrusive ones, or even moving away from ads entirely into models like:
- treating your webpage as an investment
- sponsorship / patronage
- subscriptions
- paywalls
Additional hope is that the whole ad industry finally implodes.
This will just be another volley in the ever escalating ad arms race.
Even in the long term? If plugins like this are super effective, then the value of tracking becomes less than the cost of doing it. Eventually, advertising might revert to a less intrusive model like billboards or magazine ads.
I posted it to my Facebook earlier. So far the response has been unbridled glee. I think you're tremendously underestimating the sheer joy people have at being handed a method of striking back at the people making their lives a misery, and need to recalibrate your model of how people will react to this.
I just do not see how this act of online vigilantism is going to change things or help. The cost that merchants encounter are opaque, they have mostly no control over the publishing side, if they even know where their ads are shown at all. So, advertising gets more expensive, but as one commentator here said: "I must advertise, else I will have no sales at all."
Lastly, to click on an ad, the user will most likely need to execute the javascript associated with the ad. At that moment, they already have been tracked, and any malicious drive-by-downloads will run on their machine. Clicking on all ads you encounter will just make your browsing trail that much wider (user reads HackerNews, browses late in the morning, stays long on sites with cat memes), and your unique browser footprint will be associated cross device with your profile so you get more targeted ads on your mobile devices.
I use Firefox largely because it's the most hackable browser. I tweak Firefox to do and not do several things:
- I don't allow sites to see my history - I don't allow peerconnect - I don't allow WebRTC (shows private address schemas) - I don't allow much JS - I don't allow fingerprinting beyond pure basics - I don't allow HTTP/S referrer
I do block everything not associated with the pure content of the page. This is getting more difficult, but the tools to help are keeping pace.
http://12bytes.org/articles/tech/firefoxgecko-configuration-...
Yes, this makes my fingerprint highly unique, no good way around that yet, but I use multiple instance of Firefox for different purposes as mitigation
I use the following Firefox addons:
- uBlock Origin
- Disconnect
- Decentraleyes
- Webmail Ad Blocker
I make the following changes in Firefox's about:config:
layout.css.visited_links_enabled (Toggle to false)
media.peerconnection.enabled (Toggle to false)
network.prefetch-next (Toggle to false)
network.http.sendRefererHeader (Set to 0 (zero))
network.http.sendSecureXSiteReferer (Set to false)
I also sometimes set dom storage to false, but this can sometimes interfere with some webmail clients.
If you're unsure of a setting, reference the Mozilla KB: http://kb.mozillazine.org/About:config_entries
It's certainly plausible. All pre-internet advertising avoided tracking of individuals. There exist even now advertising agencies that cannot possibly serve up malware to their customers. Arguably Google achieved its great success by being a less-abusive advertising platform in its day.
> destroying the community we live in.
... thinking in terms of violence.
(edit: if it works. someone else has written that these fake clicks simply get filtered)
Effectively, this would make it impossible to tell ads from not-ads leading to a much worse experience for everyone.
I would say that for once, the law is actually catching up with Internet activity that would clearly be illegal if done on a physical paper.
Like are you going to fine a movie studio for having an actor in a movie drinking Coca-Cola or driving a Volvo?
Which specific laws are banning this practice in Sweden for private entities?
Realistically though, I have very low expectations for this to actually happen. I know many people who still haven't installed any ad blockers.
Automatically sending the click beacon for every blocked ad will increase advertising costs but it will also increase vendor profits, motivating them to add even more ads.
Until the 3rd party click validators start to filter out clicks generated by this somehow. And then we will have yet another arms-race besides the adblockers one.
And at least in its current implementation, I would guess most 3rd party click validators already filter it out.
(disclaimer: ad-supported news sites pay my bills)
I believe that's the point of it.
If you try to finance your site using tracking ads, or if you advertise through networks that use invasive tracking ads, or you are a network that distribute such ads - then I have no problem helping taking you out of business.
Someone will get infected with malware by using the shady ad-network with a higher revenue, so what's the difference?
Doesn't it just re-open the attack vector?
I think it's a fun concept, but the implementation of it may or may not be something that you want to fight with for less than a day before swearing it off. It's possibly so bad that I think it may have been written in order to turn people off from this 'attack' towards trackers as it may or may not remind one of the repulsion that rotten milk has upon first sniff.
It does actually let through ads uBO doesn't (though it embeds uBO and uses the same filter lists), but nothing I can't live with. Doing my bit to make Internet advertisers' lives that little bit more miserable is pretty much an ethical obligation at this stage.
The FAQ does say only to run it if you know what you're doing. But I think anyone who reads HN will have no problems whatsoever in running this extension. If they do, the code's right there.
https://github.com/dhowe/AdNauseam/blob/master/src/js/adn/co...
I should try sending HEAD requests to ad servers, to see if they return a redirect. No idea what the ad brokerage systems will do with those.
Only costs me a couple bucks a month too.
glad to see more software out there based on this concept.