Skip to content
Redacted
Naked Security Naked Security

Adblockers are “censorship” says ad-tech company

Recent research by ad-tech company Oriel has found that adblockers are doing more than simply blocking ads and have accused them of "interfering, changing and potentially censoring web content"
Written by
April 20, 2016
Naked Security ad blocker Ad-blocking adblocker censorship malvertising Oriel

Recent research by ad-tech company Oriel has found that adblocking is actually doing more than simply blocking ads.

Adblocking is, they say, a “blunt instrument” that’s causing error messages on websites and leading to important content disappearing from things like airline check-ins, cookie policies and order-tracking pages.

Even entire blogs are going AWOL without us knowing, they claim.

The company, who endorse the UK culture secretary’s assessment that adblocking is “a modern day protection racket“, report that a number of the UK’s top companies including BA, Land Rover, P&G and Vodafone are being affected.

Third party Adblockers have become very popular in the last few years and browser vendors like Opera and Microsoft are now starting to integrate adblocking directly in to their software.

Mobile operator Three is even looking at blocking adverts at a network level and Oriel is concerned about that too, describing it as a “shady and serious issue”.

Oriel isn’t the only ad company who doesn’t like adblockers though, the entire industry is rattled – in 2015, a report by Adobe and PageFair claimed that adblockers would cost business $22 billion USD over the course of that year.

Oriel, just wants to protect publishers from “censorship”:

It might seem convenient, but below the surface is a very shady, and serious issue – it is interfering, changing and potentially censoring web content and like a “man in the middle attack” the true nature of what the publisher intended to deliver to their website audience is therefore compromised.

While we believe adblocking is a consumer right we also believe that publishers whose content we access have the right to protect the Integrity and Delivery of their web content from any form of manipulation, change or censorship.

Am I, a member of the browsing public, really concerned about publishers’ rights to protect the integrity of their web content from a form of manipulation, change or censorship that I’ve sanctioned?

Not in the least.

People like me running adblockers want to manipulate pages. We’re downloading adblockers because we want a better online experience; we want faster, safer and easier-to-use browsers. We want annoying, irrelevant and potentially unsafe ads to be blocked.

I’m much more worried about my PC being infected by malvertising and fed up with annoying and irrelevant ads. After all, suppressing an adblocker that gets in the way of a site I want to use is far less hassle than sorting out an infected computer.

If adblockers are accidentally tripping over and blocking other bits of pages then that’s unfortunate, but unless it’s deliberate it isn’t censorship, it’s just a false positive.

Is this type of scaremongering really going to stop people turning to adblockers?

💡 LEARN MORE: Malvertising – When trusted websites go rogue (recorded webinar) ►

Image of text that has been redacted courtesy of Shutterstock.com

Read Similar Articles

37 Comments

People who browse the Internet have spoken with their use of Ad-Blockers. I don’t think the intent of Ad-Blocking is to block free speech or revenue. Web site publishers really need to reconstruct the ad delivery network in a way that is safe and private.

Not censorship, but anti-malware never mind the ad networks slow down my page load speeds quite a bit

These ad companies are ridiculous. If the ads were safe, less intrusive, less aggressive, and more relevant, then we wouldn’t need ad-blockers. I agree, missing content on a site because they’re blocking my ad-blocker or a false positive is MUCH easier than removing an infection or re-installing the OS. Block my ad-blocker, I stop using your site. In the end, the site is still losing money.

I use an adblocker to mitigate the possibility of malvertising. If I want to block flash only, I can do that by making the plugin ask each time. However, I use both of these because I believe in multiple level security. If companies really want me to see their ads, they will accept responsibility for damages due to malvertising without question or condition.

The future I see is one where we go back to 468 x 60 banner ads (gifs are fine with me). If it wasn’t broken, it shouldn’t have been fixed!

Especially annoying are sites that tell you to shut off your ad blocker. These get closed immediately. Another emerging phenomenon is the “multi-page” sites, on the order of “ten things your garbage man won’t tell you…” that are presented one page at a time with an ad every two pages. You used to be able to click past the pages that contained the ads, but now the presentation just stops — shame on you for blocking ads!

That was quite a misquote Alison, we did not say “Adblockers are censorship” here is precisely what we did say.

“While we believe adblocking is a consumer right we also believe that publishers whose content we access have the right to protect the Integrity and Delivery of their web content from any form of manipulation, change or censorship. Once a webpage is delivered to a user as intended by a publisher and just like we receive a book, a magazine, a newspaper from a traditional publishers, then and only then should we be allowed take out our adblocker / pen to change what we got and if we feel like it, draw a moustache on the queen!”

Cry me an effing river, Oriel. Do websites, including Forbes, think that their content is so precious that we will do anything to see it? Bah-wah-hah-hah. We have one word for all of those special snowflake websites that are “disallowing” adblockers: “Next!” You see, for every website that denies visits based on adblockers, there are tens of thousands of websites that do not. Don’t want me to use my adblocker because, sniff-sniff, your intrusive and possible malware-filled ads won’t be seen? Then certify that the ads are malware-free and then we’ll talk. But in the meantime I’ll continue to use my adblockers.

No. The recipient has the right to decide what is delivered to his or her browser. The publisher has no right to overrule the wishes and interest of the recipient.

So it’s network-level blocking you object to, not browser-level blocking?

What about browser-level blocking that prevents the ads from being downloaded in the first place; would you argue that that was preventing the content from being “delivered as intended by the publisher”? Because forcing someone on a mobile network to download your 15Mb Flash advert before deciding not to display it seems like a bad idea to me.

If I bought a magazine that covered the articles for (x seconds) or flashed lights in my face, or made noise, or anything that took my time away trying to get to the content – I would never look at that rag again.
Just like CNN, I never watch their videos since the are all ad covered.

“Once a webpage is delivered to a user as intended by a publisher and just like we receive a book, a magazine, a newspaper from a traditional publishers, then and only then should we be allowed take out our adblocker”

Except I want to save the ludicrous amount of excess bandwidth required to download the ads, which are now frequently videos, riddled with 3rd, 4th, and 5th party scripts and trackers, and much larger in the background than what is actually displayed by the ad. You also have no control over what scripts are being executed unless you prevent it being downloaded – this is how malvertising works.

What you are suggesting is that users must download, execute and view all ad content, but then we may choose not to look at it. Correlations to print media are not relevant because the threat level doesn’t exist, neither does additional cost associated with viewing advertising online.

If advertisers want to reverse the trending use of ad-blocking technology, they need to reverse their own practices which brought us to this point.

To me (looking at this mainly from a security perspective), Oriel’s argument is very much like saying, “Anti-virus programs are great. But if you use an on-access anti-virus scanner – the preventative component that blocks malware before it runs – then you’re a scoundrel. It’s your duty to give every email attachment, every web download, every program on any USB drive, a fair and unimpeded chance to run. Then, and only then, do you get the right to scan it to see whether it might already have infected your computer.”

Ask any ransomware victim what they think about the idea of scanning of malware only after the damage has been done :-(

I’ll bet you oh…twenty-two billion dollars that this “study” is comparable to the one sponsored by Preparation H that confirmed Preparation H is the best product for a specific task.

On at least two levels.

If it was illegal for ad companies to serve up malicious ads and the penalties per computer infection were so high that it would immediately bankrupt them, you’d think they’d learn to make a better advertising platform. Any company that attempted to serve up malware would be held liable could be billed double the ad fine for every infected system.

No anonymous buying of adspace, you have to be identifiable with the company, held liable for anything adversely affecting website performance (malware), and prove your ad is legitimate, if it’s not, off to prison (or some other legal proceeding here)

In a nutshell, if you want revenue, make better ads that don’t destroy my computer!

Spiceworks does advertising right, I hold sites to that standard:
2 non intrusive ads on a page that refresh occasionally.
No banner ads, no obnoxious flashing YOU WON $1 MILLION DOLLARS!!!
Whitespace ads that match the color scheme of the website/webpage.

Once ad-companies test and verify the campaigns, Ransomware will die off.
Then if we can just train users to stop opening every bloody attachment in the spam email box, we may have a chance to win the war on malware.

entire blogs are going AWOL without us knowing

Wait… my adblocker is blocking the entire Naked Security blog, but I don’t know about it?

Well, you wouldn’t know, would you :-)

You might *think* you are reading Naked Security right now, and commenting on it, and you might *think* I am replying to you, but how can you ever be sure? (Well, apart from your own experience and expertise, of course. Oh, and the TLS certificate signed by us.)

Using Adblockers is cheating – at the nickle and dime level, plain and simple. As an Internet user, you have the choice to use ‘premium’ services that you pay for, or sites that you pay for indirectly through your taxes and the choice to not see ads by not frequenting those sites that use them as a revenue-generating source.
The deal is, I provide useful/funny/interesting content – for free – but someone has to pay for my time, development, server, domain registration etc. and that someone is you, through viewing and hopefully connecting to the ads that my website serves. If you don’t see the ad, I don’t get any revenue and my website eventually goes away ….

If you don’t want to see ads – don’t use the websites that display them!

I don’t see anywhere in this article where we say, or even imply, that websites should be prevented from blocking access to users who have adblockers. You can make “no adblockers” part of your T&Cs if you like. That’s fine with me… it’s your charge for admission and I can choose to pay it or to go elsewhere.

But suggesting that anyone who uses an adblocker is somehow “cheating” (when in fact they may simply want to protect themselves from malware) is IMO barking up the wrong tree.

Oriel seems to be saying that deivering ads is just as much of a right as blocking them, and therefore that you should only really be allowed to block ads reactively, after they’ve appeared, rather than blocking them proactively before they’re delivered to your browser. But because of malvertising (poisoned ads that need to be blocked *before* they appear, not afterwards), fighting adblockers merely gets users’ backs up:

https://nakedsecurity.sophos.com/2016/01/15/malvertising-why-fighting-adblockers-gets-users-backs-up/

You have to admit that trying to force people to see your ads when they have already decided they don’t want them is unlikely to increase your revenue to make up for adblockers! Instead, it just sounds like that old joke that “beatings will continue until morale improves.”

I have been running an informational website (ie. I have no ‘product’ to sell) for ten years – my income is purely from advertising and I am pretty careful where my ads come from – Google Adsense primaily and some hand-picked direct, related ads.
AFAIK, your use of an adblocker doesn’t make a distinction between the 99% of ad-supported websites that do not serve up malware and those that do, so you get a free ride when visiting any of the gazillions of ad-supported websites – you ‘jump the turnstile’ as it were.
The nature of advertising is that for every 100 page views, generally slightly less than one will interact with an ad and that interaction is commonly worth a penny – sometimes more, sometimes less, often zero.
If you want ‘useful’ websites like mine with their annoying but harmless ads to go away for ever, just keep up with the blocking – you won’t like the alternative, I can tell you.
Back in the day, people actually used to justify ad blocking with the amount of additional bandwidth they used up. If that’s still your problem, then I’m sorry for you.
One other thing – we all know the kind of websites that do serve up aggressive ads, pop unders, overs, behinds, malware etc etc. and frankly, your mother wouldn’t approve.

Just for the record, I don’t use an adblocker. I’m happy that you can make money off ads. I’m happy if you tell me that my free access to your site is your way of paying me back for letting you put ads in front of me. As a matter of fact, I’m mot immune to clicking ads that I like the look of, though it’s rare that they are even vaguely relevant, let alone actually interesting.

But I must admit I’m not shappy to hear you tell me that if ever I do start using an adblocker, for whatever reason, then at that point you’ll consider me to be a “cheat”…if that’s what your website pops up when you detect visitors’ adblockers, do you really they’ll rush to tell their adblockers to allowlist your website (and any or all of the ad networks you work with)?

“we all know the kind of websites that do serve up aggressive ads, pop unders, overs, behinds, malware etc etc. and frankly, your mother wouldn’t approve.”

Yeah, my mother wouldn’t approve of me going on Forbes, the daily mail or several other high-profile sites that have been victims of serving up malvertising. As yet, there’s not a reliable way to know how trustworthy a websites ads actually are (I know there’s things like brave and the Adblock plus whitelisting stuff, but afaik they’re not finished yet)

Not at all. When I buy a newspaper or magazine I make a point of not looking at the adverts. If the adverts become intrusive, e.g. they occupy more than half of the publication, I am likely to stop buying it. When I want to watch television I record the programme and fast-forward through the adverts.
I don’t mind adverts on web pages, provided they do not obscure what I want to see, and provided they slow my computer down or use too much download capacity, e.g. video clips. I reserve the right to block ads that are too intrusive for my liking.

Actually, no one “has” to pay for your time. You don’t provide your content for free. What you actually do is provide a service based upon a business model that convinces advertisers to pay you in exchange for being able to include their content on your site. The agreement is between you and the advertiser. What you forget is that neither you nor the advertiser has an agreement with the viewer. As I viewer, I can choose not to look at your site. I can choose to look at your site and not view the advertisements. Or can I choose to peruse every inch of your site including the ads. If I choose to not view the advertisements, how I actually go about doing that is also my choice. By turning on my adblocker, I’ve exercised that choice. If the system ultimately decides to take away that possibility, then I’m back to two choices: not look at your site, or take in the entire thing. Which one do you think I’m more inclined to pick?

A saying that’s existed far longer than the Internet is uncomfortably analogous here…

Television doesn’t exist to bring entertainment to the consumer; television exists to bring consumers to the advertiser

Web-saturated desktop bandwidth isn’t as common an issue now, but prolific mobile use has supplanted the home for a limited-bandwidth viewing medium.

In a context such as this I understand your reticence in divulging your actual site (particularly given your approach) but must wonder how well your estimation of your site’s “useful/funny/interesting” value matches those of its visitors.

Your willingness to post long-winded rants targeting the very people whose opinions you hope to sway (featuring time-honored incendiary persuasion techniques such as character attacks and implying that my use of an ad blocker results solely from my immeasurable consumption of pr0n) suggest that your finger is not so much on the pulse of Mr. Modern Internet Reader…as somewhere else.

If you surf on your smartphone, using your data plan (rather than WiFi), and if you use an adblocker, then you reduce the impact on your data plan.

That’s right – you are “cheating” your cell phone service provider.

Shame on you!

/s

(Why does my mind do these things?)

Good work Alison. We have to stand up to the adspam industry and you may be the first spokeswoman. I wanted to read an interesting business article from a leading British respectable newspaper’s business section. The ads that came tumbling down on the page were so bad I could not scroll through the article and I simply closed my browser. This was at work and we are not allowed to add ad blockers to our machines. Too bad. I could have sent a complimentary note to the author. Now I will never go to that newspaper’s website again.

I use an adblocker and an anti-tracker as well, just so I do not become infected and/or traced for nefarious reasons. I understand sites require funding, however the recent proliferation of malware in the guise of an ad on a common site(s) reinforces my resolve to not stop using these protections. Further, the pages quite often do not have any idea where the ads come from, how they are vetted, nor whether they are safe for consumption. The aggregator sites that distribute the networked advertising also do not know, quite often. Like many before me, if there is some compensation for the destruction of my machine, there is a slight chance I might turn them off, however, unless the page owners are here, with a spare machine for me to log straight into, they can learn how to whistle.

Before I was wise to them, I inadvertently clicked on a few google ads. Some pretty sleazy ads popped up, offering Asian and Russian women in my location, obviously derived from my I.P. address. I still have screenshots to prove it. One of the reasons I took Chrome off my computer. So I gladly donate money to Adblock. Companies wishing to promote their products and services simply need to create a website. When I need to find a product or service, I do a web search. I make a point of not buying anything from companies that force advertising on me.

A bunch of crooks crying about their malware getting blocked? Why is this even news?

If publishers adopted a common html tag to identify advertisements it would reduce the likelihood of false positives. The few false positives that do occur are the results of evasion techniques employed by malware vendors.

Legitimate applications and content doesn’t need to evade detection.

I am sorry, ad network companies, for using adblockers to increase the speed of a webpage load, limit infections on my devices, and decrease unnecessary data usage (really, I’m not.. Just as you are not sorry for shoddy security implementations, increasing page load times from 30 seconds to a minute or more where users start feeling like we are back in the days of dialup on a 56k or less modem, not refunding for my extra data usage from the data hogging ads you want me to see, using tracking cookies, misleading ads, and so on). If using adblockers is censorship, then isn’t spam filters in email boxes also censorship? Who brings the need to block such unwanted solicitations? Well, obviously ad campaigning does! The people have spoken with increased usage of adblockers. We are tired of it. Much like UCE had become the bane of the email experience, ad networks have become the bane of the web browsing experience.

Utter, utter nonsense. Censorship is the suppression of content by authorities. What we are seeing here is individuals choosing to block content on the grounds of irrelevance, annoyance, and in many cases malice of intent.

If all adverts that I saw on the internet were unobtrusive, inoffensive and not a threat to my security I wouldn’t NEED to use an Adblocker. When I am at work, where I have no control over the browser and can’t install an adblocker, certain websites have so many ads on them that the proxy blocks me for excessive connections. I will name and shame crash.net, Windows Central and theinquirer.net as the prime culprits of this.

It is absolutely not censorship unless the government forces people to block ads.

If individuals do it, the correct term is “none of the publisher’s damn business.”

Really, the only people who are affected are people whose sites live off ad revenue. But if your business model relies on selling ad space, your company is living on borrowed time anyway. Again, not end-user problem.

If ads were relevant, safe, worth looking at, people probably wouldn’t run ad blockers. If ads are irrelevant, unsafe, and mostly bollocks, of course they’re going to run ad blockers. duh. People built commercial blockers for televisions in the 70’s… this is nothing new.

Comments are closed.

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?