undefined | Better HN

0 pointsmanigandham7y ago0 comments

I wrote both comments. There are billions of impressions but a single creative is not seen by that many. The point is that the scale is too large to validate on the publisher side.

0 comments

2 comments · 1 top-level

pushpop7y ago· 1 in thread

It seems to me there are two solutions to this problem:

* remove the ability for 3rd parties to abuse their automatic powers (ie disable their ability to inject JavaScript)

* or have a human manually vet every creative

The problem here is you neither want to control their access nor take responsibility for monitoring their access. So the blame equally lies with yourselves for not managing an easily exploitable vector of attack.

If this were any other system, eg VPN, security professionals would tear you a new asshole and point out just how irresponsible your lack of management is.

You’re only excuse here is greed and frankly I’m disgusted.

manigandhamOP6y ago

Major ad networks already vet every creative. The problem is javascript which can change at anytime. Banning javascript in creatives is not a technical problem, it's a business and politics problem. Same with just about every other issue in adtech.

I'm not sure who you think I am or why you're accusing me but none of this is down to a single person.

j / k navigate · click thread line to collapse