this post was submitted on 04 Sep 2024
58 points (96.8% liked)

Ask Lemmy

26707 readers
1762 users here now

A Fediverse community for open-ended, thought provoking questions

Please don't post about US Politics.


Rules: (interactive)


1) Be nice and; have funDoxxing, trolling, sealioning, racism, and toxicity are not welcomed in AskLemmy. Remember what your mother said: if you can't say something nice, don't say anything at all. In addition, the site-wide Lemmy.world terms of service also apply here. Please familiarize yourself with them


2) All posts must end with a '?'This is sort of like Jeopardy. Please phrase all post titles in the form of a proper question ending with ?


3) No spamPlease do not flood the community with nonsense. Actual suspected spammers will be banned on site. No astroturfing.


4) NSFW is okay, within reasonJust remember to tag posts with either a content warning or a [NSFW] tag. Overtly sexual posts are not allowed, please direct them to either [email protected] or [email protected]. NSFW comments should be restricted to posts tagged [NSFW].


5) This is not a support community.
It is not a place for 'how do I?', type questions. If you have any questions regarding the site itself or would like to report a community, please direct them to Lemmy.world Support or email [email protected]. For other questions check our partnered communities list, or use the search function.


Reminder: The terms of service apply here too.

Partnered Communities:

Tech Support

No Stupid Questions

You Should Know

Reddit

Jokes

Ask Ouija


Logo design credit goes to: tubbadu


founded 1 year ago
MODERATORS
 

Not asking for tech support here, just wondering if in theory it would be possible to create a plug-in or even a complete browser that blocks ads in a way that's impossible to detect. One model that comes to mind is a quarantined / containerized non-blocking virtual browser which queries the web server directly, then the UX filters the content from that container and presents it to the user ad-free. As far as the web server can tell, the containerized browser is just vanilla Chromium.

top 32 comments
sorted by: hot top controversial new old
[–] [email protected] 39 points 2 months ago* (last edited 2 months ago) (2 children)

The way you've described it is basically how it would have to work.

Various ad-blocking detection technologies basically boil down to loading some element on the page and then querying for it during/after rendering to see if it's still there. This could be combined with an AJAX call to load the actual content, which is how all those annoying sites work that pop a nag up in your face if you're running uBlock or whatever. And even then you don't get the content even if you subsequently block the nag notice.

A truly undetectable adblocker would still have to pull down and load all the ad content and render it somewhere (invisibly in the background, presumably) and then serve a second cut down version of that page with the ad elements not rendered.

Edit to add: This would be somewhat detrimental to the user, because it would by necessity not stop the types of tracking that are typically built into served ads. Current adblockers (like uBlock Origin) also by default also block various advertisers' nonsense like cross-site tracking cookies and tracking pixels, etc.

[–] [email protected] 13 points 2 months ago

Thanks, this is the sort of info I was looking for.

[–] [email protected] 3 points 2 months ago

Well, yes and no. The shadow browser could randomize its signature and purge temp files in each load, or something like that. Or maybe even reverse-engineer the expected payload structure from major advertisers and send garbage back to them.

[–] [email protected] 10 points 2 months ago (1 children)

The problem isn't so much blocking the ads on a page, that's a solved problem, it's doing so without incurring side effects. The main problem usually comes in two ways.

  1. Ads are now being pre-baked into the content delivery itself in which there is no easy way to rip it out without destroying the content in some way. Twitch is notorious for this on streams where the ad portion completely replaces the video feed before your browser ever sees what was originally there. You may never recover what was there, but if you try to block the ad playing you trigger problem 2.

  2. There are departments dedicated to developing ever changing anti-adblock scripts and detectors that enforce ad placements and detect tampering. In some cases this results in punishing the user by refusing to deliver content until the ads load, blocking or kicking the user off the page, throttling connections or access, or in Twitch's egregious case, more invasive ad interruptions. This has become a never ending arms race with ad blockers to keep up with minefield of invasive scrips monitoring what you do with their website.

TLDR: Ad blockers like UBlock Origin are already filtering how you're asking for bur advertisers are attacking the plugins themselves and have their own arms race of scripts to punish those who interfere.

[–] [email protected] 6 points 2 months ago

I have definitely noticed an increase in embedded ads. I listen to a lot of podcasts and the "cool" thing with those is to detect where you are downloading from and inject local/targeted ads into the ad breaks. Fortunately the 30-second skip button still works.

[–] [email protected] 8 points 2 months ago (1 children)

I wouldn't say that it'd be strictly impossible, however if it can be done then it would come at a considerable cost to useability, versatility, etc.

One adjacent concept that comes to mind is the use of the :visited CSS tag to extract a user's browsing habits. I remember seeing a demonstration of this where an "are you human" captcha was shown but the choice of image in each box was controlled by the :visited tag. I can't find that post, but this medium article demonstrates a similer concept. There are mitigations to this luckily, but a fullproof solution would be to remove the tag's functionality altogether, which would make certain websites (like the one we're on right now!) much more inconvenient to use.

It seems trivial to me for a website to detect user behaviors that indicate the use of an adblocker. For example, if a request for a page is immediately followed by a request for a video on that page, rather than after 5-60 seconds, then they're likey using an adblocker. If there is an ad placed between two paragaphs in an article, but two distant paragraphs are visible at the same time, it is more likely (although not guaranteed) that they are using an adblocker. If a user triggers an abnormal amount of those heuristics then they get flagged as an adblocking user.

[–] [email protected] 3 points 2 months ago

What you're saying makes sense about detection. I think my theoretical model might work around some of those, but then there are the user behaviors you're talking about that could still give it away.

I'm having trouble finding it again, but I remember seeing some articles a few weeks / months ago that Google wants to start using some kind of "3rd party authentication" service to make sure you are using an approved and unmodified browser. They want to roll this thing out to as many sites as they can. Of course they will pretend it's for your security / protection but it's really to block add-ons / extensions that they don't like.

[–] [email protected] 7 points 2 months ago (1 children)

There is no "perfect"(impossible to detect in this case) in anything. Perfection is a target that keeps changing.

What can you do when for example YouTube decides to bake in ads directly into the video source(they are actually testing this, although its feasibility is questionable)? You can't block it, for now. In the future, you might be able to detect that with let's say CV and AI and might be able to block it then. But then YouTube will do something about it.

[–] [email protected] 6 points 2 months ago (1 children)

They’ll probably include a manifest with the video, telling the player what time ranges are un-skippable. A script could hook into that, and auto-skip them

[–] [email protected] 3 points 2 months ago* (last edited 2 months ago)

That's what uBlock Origin planned to do if YouTube ever decided to etch ads into the video stream itself.

[–] [email protected] 5 points 2 months ago (3 children)

It doesn't matter how good your browser is when you can only access content through an app.

That's the way things are headed, I'm afraid. In a few years you won't be able to load Facebook, Youtube, Reddit, or Twitter(formally X) from a browser.

[–] [email protected] 6 points 2 months ago (1 children)

Bleak but probably true. Cabin in the woods with a good book is my future.

What do you mean all the woods are "gone"?

[–] [email protected] 2 points 2 months ago

Paper books won't be available either. You'll be watching ads in your cabin where the woods used to be.

[–] [email protected] 3 points 2 months ago (2 children)

They do still have to cater to desktop users, so I imagine accessible websites for those platforms will exist for many years to come.

[–] [email protected] 5 points 2 months ago

This is also yet another reason why it's important to defend desktops in the face of people who think phones and tablets are "good enough."

[–] [email protected] 3 points 2 months ago

"Just download our app on the Microsoft Store/App Store!" /s

[–] [email protected] 2 points 2 months ago (1 children)

An ad-blocking DNS server on your local network should work for apps too, right? (As long as the ads are hosted on known ad servers.)

[–] [email protected] 3 points 2 months ago

Should, yes, but the page/site may have ways to detect if the ad loads or not and still trigger "adblock in use".

A DNS-based approach also won't work if the ads come from the same domain as the content.

[–] [email protected] 4 points 2 months ago (1 children)

If the site tries really hard, they can control serverside how many seconds of ad you watched to decide if you can access any content whatsoever. Something like this is already present on Twitch iirc. So in the endgame the only universal detection-proof solution I can imagine is AI/GPU based adblocker that will visually detect ads on your screen and overwrite them with something else without actually skipping.

[–] [email protected] 4 points 2 months ago (1 children)

That's kind of what I'm trying to conceptualize. The container, which is invisible and silent to the end user, "watches" all of the ads as normal. But the middle layer then sanitizes that container, almost as if it was a standalone webserver, and then presents the sanitized version to the end user.

[–] [email protected] 4 points 2 months ago (1 children)

Basically it would have to be built into the browser.

You go to a website, the AI enhanced ad blocking browser would then watch the website and then reinterpret what it sees to you the end user minus the ads.

Upside, completely infallible assuming that the website itself is visible to the public. Downside, the entire contents of any website you go to could be hallucinated and you could have a completely separate and unique experience from reality by using said browser.

[–] [email protected] 5 points 2 months ago (1 children)

We really haven't moved all that far from "pictures of spaghetti", have we.

[–] [email protected] 1 points 2 months ago

Considering that was the peak, where are we now

[–] [email protected] 4 points 2 months ago (3 children)

Theoretically, an air-gapped system that is worn on the head, rather than installed to the device would be undetectable.

An AR vision headset that detected known-ad-signatures and could blank or replace ads in realtime, with targetted noise-cancelling to 'mute' specific ad audio, could surgically remove ads from any media(billboard, magazine, video, radio, webpage).

Kind of like reverse-Snowcrash augmentation.

[–] [email protected] 4 points 2 months ago

The major problem with ads isn't that they are a visual and audible nightmare (although that IS a problem), it's that they can affect performance and are vectors for malware.

[–] [email protected] 2 points 2 months ago

Love this out-of-the box thinking. Could even do it with a camera and a monitor on the 2nd air-gapped system if you don't want to go VR route.

[–] [email protected] 1 points 2 months ago

Alternatively, a program that is a wrapper for your entire browser/device, that observes video and audio, to automatically carry out the blanking/muting.

Ads load as normally, but are never seen or heard by the user.

[–] [email protected] 3 points 2 months ago (1 children)

uBlock Origin already does

[–] [email protected] 3 points 2 months ago

I wasn't aware it did this, but it gets detected all the time, unfortunately.

[–] [email protected] 1 points 2 months ago

i think greasemonkey could do this with scripts like load ads into a 0 pixel window or something maybe

[–] [email protected] 1 points 2 months ago (1 children)

I assume if the client is undetectable that ads will escalate to phoning home for viewing confirmation, and then to something even more dumb once we beat that.

It’s an arms race, it’s probably silly to think we can just outright win for once and all.

[–] [email protected] 1 points 2 months ago

...and then to something even more dumb once we beat that.

E.g. "please drink verification can."