Whaat‽
You mean auto downloading and executing foreign JavaScript in a users webpage from some server/CDN I might not even know myself as an ad company could be an attack vector?
Never!
(This mostly for those people who may not know that some [most? Dunno don’t have a source for this] ad networks literally allow advertisers to inject small chunks of html into pages for “more interactive/better ads”!!)
This is a great point I try to convey to my less-technical friends and family. Looking at a webpage is not like changing the channel on a tv of old. Looking at a webpage pulls code from who knows where and executes it on your local machine.
These advertisers expect that I should blindly trust them to execute code on my cpu, in my memory, on my machine? Yeah fuck that, it’s a privilege. I don’t invite every hobo walking by to come into my house and take a shit in my toilet.
If they don’t like that not everyone executes their syphilis-ridden javascript, then they should put their shit behind a paywall. But they won’t, since they know they don’t have a product worth paying for.
in the first half of 2023 alone, with phishing URLs leading the charge with a 140.7% increase.
…
Security Gladiators reports that on average, of every 100 ads that are published, at least 1 contains malicious code.
…
A report by Confiant found that in Q3 of 2021, 1 of every 108 ad impressions was highly disruptive or dangerous.
…
Safety Detectives’ malvertising report showed that the global cost of malware was $500 billion per year in 2015, but in 2021 that figure cost an average of $500 billion per month.
Yes and that’s precisely the point. You can make the decision not to pay and there are good reasons to do so (I do so too) but you must recognise that someone is still not getting paid for their work.
Uh the safest thing you can do for your PC is an ad-blocker. Advertising companies don’t even pretend to not put malware up as legitimate ads.
It isn’t an ethical concern and hasn’t been since the 90s. It is a security concern to allow ads as an attack vector.
Whaat‽ You mean auto downloading and executing foreign JavaScript in a users webpage from some server/CDN I might not even know myself as an ad company could be an attack vector? Never!
(This mostly for those people who may not know that some [most? Dunno don’t have a source for this] ad networks literally allow advertisers to inject small chunks of html into pages for “more interactive/better ads”!!)
This is a great point I try to convey to my less-technical friends and family. Looking at a webpage is not like changing the channel on a tv of old. Looking at a webpage pulls code from who knows where and executes it on your local machine.
These advertisers expect that I should blindly trust them to execute code on my cpu, in my memory, on my machine? Yeah fuck that, it’s a privilege. I don’t invite every hobo walking by to come into my house and take a shit in my toilet.
If they don’t like that not everyone executes their syphilis-ridden javascript, then they should put their shit behind a paywall. But they won’t, since they know they don’t have a product worth paying for.
What a great argument! You didn’t even read the first sentence…
You’ll have to explain to me how not compensating someone for their work has been ethical since the 90s.
Opening my computer up to Malware is not worth the fraction of a penny that the person who did the work will receive from my click.
To the person receiving the money, it is worth it. Else they wouldn’t be doing it.
I’m glad to hear they are willing to sacrifice the safety of my system for their fraction of a penny.
https://www.statista.com/chart/29626/ads-blocked-removed-by-google-by-enforced-policy/
Were they removed? Yes. Did they show up prior to removal to real human beings? Also yes.
https://www.comparitech.com/blog/information-security/malvertising-statistics/
Cool story bro but you clearly still didn’t even read the first sentence of what I wrote.
I don’t give a shit how they get paid because the method they chose violates my personal safety.
I’m done arguing with an obvious troll.
Yes and that’s precisely the point. You can make the decision not to pay and there are good reasons to do so (I do so too) but you must recognise that someone is still not getting paid for their work.