Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
Compare cell phone plans using Wirefly's innovative plan comparison tool ×
Advertising Privacy The Internet

Snowden Says It's Your Duty To Use an Ad Blocker (for Security) 342

AmiMoJo writes: In a long interview about reclaiming your privacy online, ex-NSA whistleblower Edward Snowden states that it's not just a good idea to use ad blocking software, it's your duty: "Everybody should be running adblock software, if only from a safety perspective. We've seen internet providers like Comcast, AT&T, or whoever it is, insert their own ads into your plaintext http connections. As long as service providers are serving ads with active content that require the use of JavaScript to display, that have some kind of active content like Flash embedded in it, anything that can be a vector for attack in your web browser — you should be actively trying to block these. Because if the service provider is not working to protect the sanctity of the relationship between reader and publisher, you have not just a right but a duty to take every effort to protect yourself in response." Other recommendations include encrypting your hard drive and using Tor to keep your internet use private.
This discussion has been archived. No new comments can be posted.

Snowden Says It's Your Duty To Use an Ad Blocker (for Security)

Comments Filter:
  • Well then (Score:4, Funny)

    by The Real Dr John ( 716876 ) on Tuesday November 17, 2015 @09:53AM (#50947087) Homepage

    at least one person thinks I'm not a bad person because I don't want to see flashing ads and videos while I am trying to read a story.

    • Re:Well then (Score:5, Insightful)

      by gstoddart ( 321705 ) on Tuesday November 17, 2015 @10:12AM (#50947253) Homepage

      What do you care about what the people who want to show you ads think about your decision to block them?

      Flash is a security hole, because Flash has always been a security hole, and it always will be a security hole -- I don't even have it enabled in any browser I control. Letting 10-20 external entities on a web site track you on every page is stupid (there's 10 on Slashdot as I type this, all of which I block). Letting any random website run javascript is also stupid, because you have no idea if you can trust them and all their partners.

      If a website wants to serve its own ads, I probably won't go to great lengths to block them.

      But double click, and score card research, and the literally dozens and dozens of other entities embedded into so many webpages ... those are entities I don't trust, don't have a voluntary relationship with, and do not benefit from being spied on.

      Those I ruthlessly block with privacy extensions, or adding exclusions directly to my browser. Because it's all crap which wants to violate my privacy. Same goes for Facebook and Twitter -- sorry your business model says you want to track me on every site I go to. But I don't care.

      So, boo hoo, say the site owners ... too bad say I. If your revenue involves selling my privacy for your gain, then I will not participate in your revenue. If you get to the point of outright stopping me, then I'll just block your entire site and not come back.

      The fact of the matter is, we simply cannot trust the ad companies to vet the ads, or give a damn about our privacy and security. Which means we need to treat the ad companies as hostile entities and block the shit out of them.

      The longer I run several privacy addons in all my browsers, the more I see on a daily basis how some sites can have 20+ external call-outs, none of which actually add any value to me. Which means I don't give a crap about them.

      In fact, I will do everything I can to block them completely.

      • Actually, I don't care what they think, I was trying, apparently in vein, to make a joke. But I will also add that on some smaller sites that have only a few non-animated ads I will turn ad blocker off. I expect a battle of ad blockers being blocked, or big companies paying the ad blocker programs to white list them, and then new ad blockers coming out. When money is involved, people get very motivated and devious. But then again, that is what capitalism is all about these days. It used to be that companies

    • Re:Well then (Score:5, Insightful)

      by MyAlternateID ( 4240189 ) on Tuesday November 17, 2015 @10:19AM (#50947301) Homepage

      at least one person thinks I'm not a bad person because I don't want to see flashing ads and videos while I am trying to read a story.

      If the sociopaths who run most marketing corporations complain about what kind of person you are, you're probably doing something right.

    • Re:Well then (Score:4, Insightful)

      by Opportunist ( 166417 ) on Tuesday November 17, 2015 @10:24AM (#50947359)

      I doubt anyone but the marketing sociopaths would consider you a bad person. And bluntly, I don't give a fuck about what mentally unstable people think about my morality.

  • in 2015 (Score:5, Insightful)

    by sirber ( 891722 ) on Tuesday November 17, 2015 @09:54AM (#50947107)
    running an adblocker is almost like running an antivirus...
    • running an adblocker is almost like running an antivirus...

      ... something for Windows users?

      Nah, I run one on multiple platforms!

    • Except that you should run it even if you're not using Windows.

    • Re:in 2015 (Score:5, Insightful)

      by RabidReindeer ( 2625839 ) on Tuesday November 17, 2015 @10:54AM (#50947627)

      Not really. An antivirus program will consume more of your computer's resources than the actual working apps do.

      An adblocker prevents even MORE slop from consuming network, cpu, graphics and audio resources.

    • by JigJag ( 2046772 )

      I'll even add that adblockers do what they can to prevent infections, so they're more like vaccines, and antivirus is like antibiotics.

  • by Anonymous Coward
    I don't want to kill the funding of my favorite sites by blocking advertisements.
    • by stevez67 ( 2374822 ) on Tuesday November 17, 2015 @09:58AM (#50947129)

      Having decided to employ an intrusive and obnoxious marketing method in their business plan is not my problem.

    • Turn off ad blocker for them.
    • It's trivial to turn your adblocker off for the few pages that deserve it.

      • by gstoddart ( 321705 ) on Tuesday November 17, 2015 @10:39AM (#50947481) Homepage

        Well, if they server their own ads, fine ... but if it's the same list of companies I wouldn't trust as far as I could throw their CEO off a cliff, then there is no way in hell.

        As soon as you start adding the oily bastards and tracking companies into the mix, no matter for what website, it defeats the purpose entirely of blocking them.

        So, while you might think Spanky's House of Leather is a deserving site, if they pull in a dozen or so tracking companies that you would otherwise block ... what the hell is the point of enabling ads for them?

        It's the 3rd parties we can't trust. Temporarily pretending we can trust them because we like the site they're on is a terrible idea.

        Let companies get back to serving their own ads, from their own servers, using their own bandwidth and maybe we won't block them. But I won't pretend like I trust any of these ad companies for that one site. Not now not ever. Because to do that you have to let the very sites you know you don't trust run.

        The problem is these ad companies and tracking sites are everywhere. Which means you pretty much should trust them nowhere.

        The whole mess can't be trusted. And that's the problem.

        • Well, if they server their own ads, fine

          How should a smaller web site go about seeking advertisers if its operator wants to stop sucking on the AdSense tit? This article [dailyblogtips.com] recommends the equivalent of leaving "Your ad here" banners, but "if you build it, they will come" doesn't pay the domain, hosting, and certificate costs, let alone feed and house the writers. How should a site's operator even know what to charge?

          • by gstoddart ( 321705 ) on Tuesday November 17, 2015 @01:38PM (#50949143) Homepage

            This is not my problem. This has never been my problem. This never will be my problem.

            If your revenue model depends on me allowing third party assholes to set cookies, track me, run scripts, install software, call out to 5 other sites ... then you have no hope in hell of me using your site.

            So, you can put up a tip jar, you can charge membership, or you can starve and close your website.

            These are problems with your business model. And if your business model relies on me being stupid enough to trust your advertisers ... then I'm afraid your business model is your damned problem.

            Not letting the parasites, trackers, and other advertising assholes infest my computer is my problem. I assure you, I only care about my part of this equation.

            So you are free to not give a shit if I stop using your site. You are free to block me from using your site if I don't let you set cookies or run javascript.

            And I am free to block your advertisers, and eventually block you. But I don't owe you a damned thing, especially if it's at the expense of my privacy and security.

            Prime example ... the link you provided embeds references to Facebook. My browser blocks all traffic to Facebook, because I do not consent to the assholes at Facebook tracking me everywhere I go. The same goes for the dozens of other ad companies I outright block.

            • by tepples ( 727027 )

              This is not my problem. This has never been my problem. This never will be my problem.

              It will become your problem once more and more of the sites on which you rely make the decision to "charge membership" or "starve and close your website".

              My browser blocks all traffic to Facebook

              So does mine.

              You are free to block me from using your site if I don't let you set cookies

              Without cookies, how would you post as gstoddart rather than Anonymous Coward? Without cookies, how would an online store know to display the items in your shopping cart rather than the items in somebody else's shopping cart?

              or run javascript

              I wonder: How could an online whiteboard or browser game work without JavaScript?

              • It will become your problem once more and more of the sites on which you rely make the decision to "charge membership" or "starve and close your website".

                He might prefer paying in cash than with his privacy; then this change is not a problem but rather an improvement. You could argue that the walling-off approach would reserve important content for rich people, but then it is the seller's fault who fails to extract money from his visitors in a proportional manner. Rather than walling off the content you could use the "tip jar" already mentioned. It works for some people. I do not belive in limiting ones audience, I believe it to be counterproductive.

                I wonder: How could an online whiteboard or browser game work without JavaScript?

                They wou

                • You could argue that the walling-off approach would reserve important content for rich people, but then it is the seller's fault who fails to extract money from his visitors in a proportional manner.

                  How would the seller determine what is "proportional" without tracking visitors across websites to obtain evidence of their likely income?

                  Rather than walling off the content you could use the "tip jar" already mentioned. It works for some people.

                  And not for others.

              • by gstoddart ( 321705 ) on Tuesday November 17, 2015 @02:28PM (#50949487) Homepage

                It will become your problem once more and more of the sites on which you rely make the decision to "charge membership" or "starve and close your website".

                Possibly. But a lot of sites I only ever visit once because they showed up in a search. Their ads aren't my problem. If I have to sign up for a membership to see if I care, I definitely won't be back. So, New York Times is a site I'll never visit again. And under no circumstances will I enable ad sites I don't trust just for a site I'm mildly interested in.

                Without cookies, how would you post as gstoddart rather than Anonymous Coward?

                See, not every site am I choosing to log in .. or use a shopping cart .. or participate in discussions. For those sites, I have no need for you to set cookies -- in fact, those sites have no reason whatsoever to know anything about me at all. And I sure as shit don't need your advertisers to set 3rd party cookies or load a web bug just because I visited your site -- something which they all seem to want to do. So shit like scorecard research will always be blocked.

                Some sites that I like can set cookies, and run scripts (there's probably fewer than 20)... but only them and not 3rd parties. The rest, nope. Not even a little. They just get blocked from doing it.

                I've encountered sites which immediately put up the instructions to enable cookies and javascript. Sorry, but I have no reason to care or trust you. Which means I'll block your site, click the back button, and write you off as a non-entity. That would cover several Australian news agencies who demand cookies and scripts. Oh, sorry, don't give a fuck, not my problem.

                I wonder: How could an online whiteboard or browser game work without JavaScript?

                Don't know, don't care, don't use either. If I am required to use something for work, or ultimately choose that I wish to use it, I will whitelist. But I need a good reason. I don't look at every shiny bauble on the internet and decide that I give a damn,

                But on first visit to your site, no way in hell you get to run scripts, or set cookies.

                As I said, business models not my concern, my privacy is. Sites I choose to use get to do a limited set of things, nobody ever gets to run plugins or Flash, EVER. The rest, I simply don't feel the need to use.

                Life is too short to give a crap about, or trust, the vast majority of the internet; it's an endless pile of pointless junk. When you remember that, it's a whole lot easier to be fairly ruthless in what you block.

    • by Vokkyt ( 739289 ) on Tuesday November 17, 2015 @12:06PM (#50948343)

      And most people don't want malware on their computers from malicious advertisements that slip through ad rings.

      Advertising is currently positioned in such a way so as to be beneficial to the content creators and the advertisers, but not the users. You don't even really need to get into conversations about morality, ethics, intrusiveness, privacy, and so on when advertisements are a major means for malicious software to get on computers. With how fast the malware changes and evolves, most antivirus and anti-malware products can only respond after the fact, and these same products also are pretty bad about removing even relatively simple malware in its entirety.

      Content creators should get funding; I don't think too many people truly disagree with that. But should you have to put your computer at risk to do so? Content creators are caught up in an arms race between the users and the advertisers, and as long as the creators are using the advertisers, the advertisers have no real incentive to listen to the consumers. Adblocking didn't come as a result of "man fuck ads in general", it came about as a result of ads getting overbearing, obnoxious, and dangerous. Advertisers' responses to this wasn't "oh, let's clean this up", it was "you thought that was bad? wait till you see this" and then they made ads even worse. It seems to me that advertisers are very clear that they don't care about what the user concerns.

      Creators, on the other hand, are in a unique position to influence advertisers, and if they want to continue to have users visit as they do now, they will need to begin to publicly be advocates for users and work to change the status quo.

  • Malicious Ads (Score:5, Informative)

    by Fire_Wraith ( 1460385 ) on Tuesday November 17, 2015 @10:09AM (#50947221)
    I concur, and I run adblockers primarily for this reason. At present, malicious ads/malicious content delivered through ad networks is probably the most likely thing to infect the average user, and there's no more effective defense than simply blocking the content.

    Why block it? Why block random content from unknown third parties, coming across content networks that have proven, time and again, that they don't give a rat's ass about vetting the people they're selling ad space to, let alone the content that those people are sending - and we're not even getting into all the constant invasive tracking attempts that come with that.

    I don't mind reasonable ads, especially native ones that belong to the page I'm actually visiting. I mind the fact that there's been no real consequences for the rampant bad or negligent behavior on the part of the ad networks - so, like all content that I view as inherently suspicious/possibly malicious, I'm going to block it by default. The fact that there's no real value to me in it just makes it easier to not worry about that.
  • Once again Mr Snowden hits the nail on the head.. I just wish there was an ad blocker that worked as well as uBlock for TV and radio, but alas there isn't, so I suffer there...

    • by Merk42 ( 1906718 )
      I wasn't aware that TV ads could track you and be used as an attack vector.
    • There was just a huge terrorist attack in Paris, and now the EU is considering passing a bill to outlaw encryption that can't be decrypted by the state. This is a huge opportunity for Snowden to say something about privacy, and instead he comments about "PUNCHING THE MONKEY"?!?!?!

      Way to stay relevant, Ed!
  • by UnknownSoldier ( 67820 ) on Tuesday November 17, 2015 @10:34AM (#50947447)

    ... making excuses [google.com] for for ad blockers:

    Jul 19, 2015 - For the record, I don't run any ad blockers. Basically, I consider them unethical (the full explanation is longer, but that's the thumbnail).ï

    and when someone points out his stupidity:

    So going to the bathroom when an ad appears is "unethical" ??? What about going to kitchen?? Because using technology to block ads has the exact same effect. It is not my job to support your broken business model. Furthermore, the last time I checked, my eyes belong to me so kindly fuck off with your bullshit "ethics" justifications.

    TL:DR; I guess only stupid people watch ads -- the rest of us are too busy doing something else.

    ... only to get get censored then this issue is far from settled.

    Even Mozilla [mozilla.org] has this stupid mindset WRT Do Not Track:

    The Do Not Track feature is turned off by default. /blockquote

    • Even Mozilla [mozilla.org] has this stupid mindset WRT Do Not Track:

      Well, Do Not Track doesn't actually do anything.

      If anything, it just gives one more piece of information for sites to collect ... that you are stupid enough to believe DNT has any impact on you being tracked.

      DNT is a voluntary program, mostly ignored, and which has no authority behind it. It was an attempt to short circuit someone imposing regulations on them.

      I don't use DNT, because it serves no purpose. I just use privacy extensions to

    • Do Not Track has to be turned off (by default) because advertising companies (specifically, Google) have threatened to ignore it if it was turned on by default. That is the main reason everyone turned it off by default.
      • Well, the reality is, many of them ignore it now.

        Do Not Track has absolutely zero value, doesn't do anything, and is entirely voluntary if anybody obeys it.

        Do Not Track is a big lie.

        The only real solution is to actively block the tracking sites, instead of relying on the goodwill of greedy assholes to not track you.

        There is no spoon, and none of these companies give a shit that you don't want to be tracked.

        Stop pretending that Do Not Track has ever been anything except a misdirection to keep someone else fr

        • Stop pretending that Do Not Track has ever been anything except a misdirection to keep someone else from imposing regulations on them.

          Misdirection from who? It wasn't proposed by advertisers.

  • by TheCarp ( 96830 ) <sjcNO@SPAMcarpanet.net> on Tuesday November 17, 2015 @10:42AM (#50947511) Homepage

    Absolutely. I don't block ads, but ads get blocked, because my browser security package (noscript+requestpolicy) just doesn't load anything from a 3rd party site unless I approve it, and then doesn't run javascript unless I approve it.

    Its generally a bit annoying but.... I put up with it for the same reason I wouldn't have sex with someone I just met without condoms. However, that isn't really even an apt comparison....because sex with a random person is, mostly a pretty rare event, even if you are trying.

    Browsing the web is like.... if we replaced the social custom of saying "hello" with anal sex, and browsing a website is like going to a dinner party with your friend, and 20 of his friends that he brought along; and they are all anxious to greet you, and quite offended that you even brought up the word condom.

    • I used to use NoScript + RequestPolicy myself, but I got tired of having to regex some sites to work, etc. The way websites are now makes it such a monumental hassle. I still use NoScript but I use it along with Privacy Badger. Still pretty good blocking/protection, but not nearly as much regex chicanery like RP required.

  • I do it because even without Flash, the ads are now javascript + canvas + video + audio + animation.

    1. My bandwidth is limited, I only have a 5 Mbps connection. And at the rates the only ISP in town has, I'm not interested in paying for a higher speed.
    2. I have a monthly data quota which is below 50GB. Again, we only have one ISP in town so I'm stuck with them.
    3. I have an older computer with a Core 2 Duo CPU. When there's a few ads using javascript, canvas, etc. it slows down my browsing and takes seconds

    • Again, we only have one ISP in town

      FlyHelicopters [slashdot.org], Bengie [slashdot.org], and Zero__Kelvin [slashdot.org] might reply that there are other towns.

      I don't care about product category XYZ, I only viewed a website once because I was looking for something not related to category XYZ - how about letting us tell you what we're interested in?

      So would you be happy if every single website put up a survey wall in order to read more than one article in a month?

There must be more to life than having everything. -- Maurice Sendak

Working...