General > General Technical Chat
Why has nobody made a browser which adblocks without the website detecting it?
AntiProtonBoy:
--- Quote from: peter-h on May 06, 2021, 03:04:49 pm ---Sites detect adblocking by checking if some specimen content got rendered. Not sure of the detail but somehow a site can read back what got rendered.
--- End quote ---
Not just about whether something is rendered. The server could also potentially detect whether an ad resource/asset has been accessed by the client. For example, if an ad element has been hidden by the browser, then the browser may not even bother sending additional HTTP requests to pull content and assets from the ad server. Consequently the ad server may detect this, as there is an expectation of such requests when the web site is loaded.
Whales:
--- Quote from: NiHaoMike on May 07, 2021, 02:03:58 am ---
--- Quote from: Black Phoenix on May 07, 2021, 01:51:36 am ---So I hate Ads, but I understand why they exist. Unfortunately the what was Ads now are mining scripts that mine crypto while that browser tab is open and you are still in the website, with in some cases being persistent in the browser memory until it is closed/restarted. That I disagree.
--- End quote ---
Exactly how do those crypto miners hidden in ads really work? If they work the way pool mining normally does, could it be possible to more or less hack it so that it submits a lot of invalid shares (i.e. claim that a nonce solves the hash to the pool's satisfaction but actually doesn't) and gets the account blacklisted for excessive invalid shares?
--- End quote ---
I'm lead to believe that proving a specific mining solution as correct or incorrect is generally very cheap to do. Remember that even a CPU's performance is measured in kilohashes/second and (if I'm not mistaken) you only need to perform one "hash" to verify whether or not a solution is correct. The javascript crypto miners probably send your mining results directly back to the author's servers rather than directly interacting with any blockchain or other system. They can then verify your work before cashing it.
I suspect (?) that the cost of running/verifying a single hash is < the cost of submitting a single hash to them over the network, so DOSing them with false results probably isn't worthwhile.
rdl:
When using NoScript, start off with the option to "Temporarily allow top-level sites by default" enabled. This will for example allow scripts from Newegg, but if Newegg's site wants to go run a script from somewhere like google.com it will be blocked.
Also be aware that many sites will require an associated cdn url that it will need for things like images (neweggimages.com, ssl-images-amazon.com). I generally just set these permanently "Trusted".
Embedded videos are almost always a problem as it can be hard to figure out where they are actually coming from. For Youtube all I ever need to allow is youtube.com and googlevideo.com, but a youtube video embedded somewhere else (here for example) will still not play.
If you go to any of the old school media sites, you'll find they are among the worst offenders. I can got to cnn.com and at first NoScript will only show the option to allow cnn.com, but once that's done you will see that cnn.com wants to run scripts from over 25 other domains!
Whales:
A few comments regarding addons mentioned so far
Noscript
I used to love this addon pre-firefox-quantum. Post it seems to have really been gutted (including the removal of script surrogates).
It's new UI was too far different and hard to use compared to the old one, so I moved to using ublock origin's UI (to do essentially the same) instead. It lets me whitelist 1st party scripts, 3rd party scripts or specific domains (all per website) with a few clicks. Still not as nice as middle-clicking the noscript icon used to be, but it gets the job done.
Adblock plus
These guys accept money to let ads through their filter by default. This action spawned lots of competitors, ublock origin seems to be one of the most popular at the moment.
peter-h:
I used noscript ages ago and it just crippled most websites.
I use Adblock nowadays but many sites detect it.
The basic issue is that nowadays most ads are served from the base site IP. The price you, as site owner, pay is that your server bw goes way up, but you get a lot more ad click revenue because dumb adblocking mostly doesn't work. As a user, in the old day you could just block google-ads.com or whatever and that was the job done. Now, ad blocking has to use scripts which detect the ads explicitly by pattern. This is what the excellent Facebook Purity does, and FB are constantly changing their HTML to get around it, but it generally works very well.
I still don't know why there isn't a browser which renders the ads to an invisible page.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version