this post was submitted on 04 Sep 2024
58 points (96.8% liked)

Ask Lemmy

26903 readers
2269 users here now

A Fediverse community for open-ended, thought provoking questions

Please don't post about US Politics. If you need to do this, try !politicaldiscussion@lemmy.world


Rules: (interactive)


1) Be nice and; have funDoxxing, trolling, sealioning, racism, and toxicity are not welcomed in AskLemmy. Remember what your mother said: if you can't say something nice, don't say anything at all. In addition, the site-wide Lemmy.world terms of service also apply here. Please familiarize yourself with them


2) All posts must end with a '?'This is sort of like Jeopardy. Please phrase all post titles in the form of a proper question ending with ?


3) No spamPlease do not flood the community with nonsense. Actual suspected spammers will be banned on site. No astroturfing.


4) NSFW is okay, within reasonJust remember to tag posts with either a content warning or a [NSFW] tag. Overtly sexual posts are not allowed, please direct them to either !asklemmyafterdark@lemmy.world or !asklemmynsfw@lemmynsfw.com. NSFW comments should be restricted to posts tagged [NSFW].


5) This is not a support community.
It is not a place for 'how do I?', type questions. If you have any questions regarding the site itself or would like to report a community, please direct them to Lemmy.world Support or email info@lemmy.world. For other questions check our partnered communities list, or use the search function.


Reminder: The terms of service apply here too.

Partnered Communities:

Tech Support

No Stupid Questions

You Should Know

Reddit

Jokes

Ask Ouija


Logo design credit goes to: tubbadu


founded 1 year ago
MODERATORS
 

Not asking for tech support here, just wondering if in theory it would be possible to create a plug-in or even a complete browser that blocks ads in a way that's impossible to detect. One model that comes to mind is a quarantined / containerized non-blocking virtual browser which queries the web server directly, then the UX filters the content from that container and presents it to the user ad-free. As far as the web server can tell, the containerized browser is just vanilla Chromium.

all 32 comments
sorted by: hot top controversial new old
[–] dual_sport_dork@lemmy.world 39 points 2 months ago* (last edited 2 months ago) (2 children)

The way you've described it is basically how it would have to work.

Various ad-blocking detection technologies basically boil down to loading some element on the page and then querying for it during/after rendering to see if it's still there. This could be combined with an AJAX call to load the actual content, which is how all those annoying sites work that pop a nag up in your face if you're running uBlock or whatever. And even then you don't get the content even if you subsequently block the nag notice.

A truly undetectable adblocker would still have to pull down and load all the ad content and render it somewhere (invisibly in the background, presumably) and then serve a second cut down version of that page with the ad elements not rendered.

Edit to add: This would be somewhat detrimental to the user, because it would by necessity not stop the types of tracking that are typically built into served ads. Current adblockers (like uBlock Origin) also by default also block various advertisers' nonsense like cross-site tracking cookies and tracking pixels, etc.

[–] Boozilla@lemmy.world 13 points 2 months ago

Thanks, this is the sort of info I was looking for.

[–] baggachipz@sh.itjust.works 3 points 2 months ago

Well, yes and no. The shadow browser could randomize its signature and purge temp files in each load, or something like that. Or maybe even reverse-engineer the expected payload structure from major advertisers and send garbage back to them.

[–] Funwayguy@lemmy.world 10 points 2 months ago (1 children)

The problem isn't so much blocking the ads on a page, that's a solved problem, it's doing so without incurring side effects. The main problem usually comes in two ways.

  1. Ads are now being pre-baked into the content delivery itself in which there is no easy way to rip it out without destroying the content in some way. Twitch is notorious for this on streams where the ad portion completely replaces the video feed before your browser ever sees what was originally there. You may never recover what was there, but if you try to block the ad playing you trigger problem 2.

  2. There are departments dedicated to developing ever changing anti-adblock scripts and detectors that enforce ad placements and detect tampering. In some cases this results in punishing the user by refusing to deliver content until the ads load, blocking or kicking the user off the page, throttling connections or access, or in Twitch's egregious case, more invasive ad interruptions. This has become a never ending arms race with ad blockers to keep up with minefield of invasive scrips monitoring what you do with their website.

TLDR: Ad blockers like UBlock Origin are already filtering how you're asking for bur advertisers are attacking the plugins themselves and have their own arms race of scripts to punish those who interfere.

[–] Boozilla@lemmy.world 6 points 2 months ago

I have definitely noticed an increase in embedded ads. I listen to a lot of podcasts and the "cool" thing with those is to detect where you are downloading from and inject local/targeted ads into the ad breaks. Fortunately the 30-second skip button still works.

[–] kartoffelsaft@programming.dev 8 points 2 months ago (1 children)

I wouldn't say that it'd be strictly impossible, however if it can be done then it would come at a considerable cost to useability, versatility, etc.

One adjacent concept that comes to mind is the use of the :visited CSS tag to extract a user's browsing habits. I remember seeing a demonstration of this where an "are you human" captcha was shown but the choice of image in each box was controlled by the :visited tag. I can't find that post, but this medium article demonstrates a similer concept. There are mitigations to this luckily, but a fullproof solution would be to remove the tag's functionality altogether, which would make certain websites (like the one we're on right now!) much more inconvenient to use.

It seems trivial to me for a website to detect user behaviors that indicate the use of an adblocker. For example, if a request for a page is immediately followed by a request for a video on that page, rather than after 5-60 seconds, then they're likey using an adblocker. If there is an ad placed between two paragaphs in an article, but two distant paragraphs are visible at the same time, it is more likely (although not guaranteed) that they are using an adblocker. If a user triggers an abnormal amount of those heuristics then they get flagged as an adblocking user.

[–] Boozilla@lemmy.world 3 points 2 months ago

What you're saying makes sense about detection. I think my theoretical model might work around some of those, but then there are the user behaviors you're talking about that could still give it away.

I'm having trouble finding it again, but I remember seeing some articles a few weeks / months ago that Google wants to start using some kind of "3rd party authentication" service to make sure you are using an approved and unmodified browser. They want to roll this thing out to as many sites as they can. Of course they will pretend it's for your security / protection but it's really to block add-ons / extensions that they don't like.

[–] ace_garp@lemmy.world 5 points 2 months ago (3 children)

Theoretically, an air-gapped system that is worn on the head, rather than installed to the device would be undetectable.

An AR vision headset that detected known-ad-signatures and could blank or replace ads in realtime, with targetted noise-cancelling to 'mute' specific ad audio, could surgically remove ads from any media(billboard, magazine, video, radio, webpage).

Kind of like reverse-Snowcrash augmentation.

[–] squirrelwithnut@lemmy.world 4 points 2 months ago

The major problem with ads isn't that they are a visual and audible nightmare (although that IS a problem), it's that they can affect performance and are vectors for malware.

[–] Boozilla@lemmy.world 2 points 2 months ago

Love this out-of-the box thinking. Could even do it with a camera and a monitor on the 2nd air-gapped system if you don't want to go VR route.

[–] ace_garp@lemmy.world 1 points 2 months ago

Alternatively, a program that is a wrapper for your entire browser/device, that observes video and audio, to automatically carry out the blanking/muting.

Ads load as normally, but are never seen or heard by the user.

[–] yesman@lemmy.world 5 points 2 months ago (3 children)

It doesn't matter how good your browser is when you can only access content through an app.

That's the way things are headed, I'm afraid. In a few years you won't be able to load Facebook, Youtube, Reddit, or Twitter(formally X) from a browser.

[–] Boozilla@lemmy.world 6 points 2 months ago (1 children)

Bleak but probably true. Cabin in the woods with a good book is my future.

What do you mean all the woods are "gone"?

[–] JubilantJaguar@lemmy.world 2 points 2 months ago

Paper books won't be available either. You'll be watching ads in your cabin where the woods used to be.

[–] LostXOR@fedia.io 3 points 2 months ago (2 children)

They do still have to cater to desktop users, so I imagine accessible websites for those platforms will exist for many years to come.

[–] grue@lemmy.world 5 points 2 months ago

This is also yet another reason why it's important to defend desktops in the face of people who think phones and tablets are "good enough."

[–] QuadratureSurfer@lemmy.world 3 points 2 months ago

"Just download our app on the Microsoft Store/App Store!" /s

[–] AbouBenAdhem@lemmy.world 2 points 2 months ago (1 children)

An ad-blocking DNS server on your local network should work for apps too, right? (As long as the ads are hosted on known ad servers.)

[–] ptz@dubvee.org 3 points 2 months ago

Should, yes, but the page/site may have ways to detect if the ad loads or not and still trigger "adblock in use".

A DNS-based approach also won't work if the ads come from the same domain as the content.

[–] Tellore@lemmy.world 4 points 2 months ago (1 children)

If the site tries really hard, they can control serverside how many seconds of ad you watched to decide if you can access any content whatsoever. Something like this is already present on Twitch iirc. So in the endgame the only universal detection-proof solution I can imagine is AI/GPU based adblocker that will visually detect ads on your screen and overwrite them with something else without actually skipping.

[–] Boozilla@lemmy.world 4 points 2 months ago (1 children)

That's kind of what I'm trying to conceptualize. The container, which is invisible and silent to the end user, "watches" all of the ads as normal. But the middle layer then sanitizes that container, almost as if it was a standalone webserver, and then presents the sanitized version to the end user.

[–] bizarroland@fedia.io 4 points 2 months ago (1 children)

Basically it would have to be built into the browser.

You go to a website, the AI enhanced ad blocking browser would then watch the website and then reinterpret what it sees to you the end user minus the ads.

Upside, completely infallible assuming that the website itself is visible to the public. Downside, the entire contents of any website you go to could be hallucinated and you could have a completely separate and unique experience from reality by using said browser.

[–] Boozilla@lemmy.world 5 points 2 months ago (1 children)

We really haven't moved all that far from "pictures of spaghetti", have we.

[–] GBU_28@lemm.ee 1 points 2 months ago

Considering that was the peak, where are we now

[–] unreachable@lemmy.world 3 points 2 months ago (1 children)

uBlock Origin already does

[–] Boozilla@lemmy.world 3 points 2 months ago

I wasn't aware it did this, but it gets detected all the time, unfortunately.

[–] poshcrow@lemmy.world 1 points 2 months ago

i think greasemonkey could do this with scripts like load ads into a 0 pixel window or something maybe

[–] natecox@programming.dev 1 points 2 months ago (1 children)

I assume if the client is undetectable that ads will escalate to phoning home for viewing confirmation, and then to something even more dumb once we beat that.

It’s an arms race, it’s probably silly to think we can just outright win for once and all.

[–] grue@lemmy.world 1 points 2 months ago

...and then to something even more dumb once we beat that.

E.g. "please drink verification can."