Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Advertising Communications Security The Internet Technology

Researchers Defeat Perceptual Ad Blockers, Declare 'New Arms Race' (vice.com) 144

dmoberhaus writes: Perceptual ad blockers were supposed to be the "superweapon" that put an end to the arms race between advertisers and users. According to new research, however, perceptual ad blockers will come out on the losing side in the war against internet advertisers and expose users to a host of new attack vectors in the process. Researchers at Stanford tricked six different visual classifiers used in perceptual ad blockers with adversarial ads designed to trick the ad blockers by making nearly imperceptible changes to the ads. "The researchers tried several different adversarial attacks on the perceptual ad blockers' visual classifiers," Motherboard reports. "One attack, for example, slightly altered the AdChoices logo that is commonly used to disclose advertisements to fool the perceptual ad blocker. In another attack, the researchers demonstrated how website publishers could overlay a transparent mask over a website that would allow ads to evade perceptual ad blockers."

"The aim of our work is not to downplay the merits of ad-blocking, nor discredit the perceptual ad blocking philosophy, which is sound when instantiated with a robust visual ad detector," the researchers concluded. "Rather, our overarching goal is to highlight and raise awareness on the vulnerabilities that arise in building ad blockers with current computer vision systems."
This discussion has been archived. No new comments can be posted.

Researchers Defeat Perceptual Ad Blockers, Declare 'New Arms Race'

Comments Filter:
  • Why visual? (Score:4, Insightful)

    by DogDude ( 805747 ) on Friday November 09, 2018 @08:47PM (#57620454)
    Why would they test a visual ad blocker? Who uses those? All the ad blockers I have ever seen block domains. A visual ad blocker seems doomed to fail.
  • Javascript (Score:3, Informative)

    by Anonymous Coward on Friday November 09, 2018 @08:52PM (#57620458)

    If ads get too pervasive and hard to block people could just disable JavaScript completely.

    • Re:Javascript (Score:5, Insightful)

      by ChromeAeonuim ( 1026946 ) on Friday November 09, 2018 @09:33PM (#57620544)
      That's how I do it. I use NoScript, and rarely ever see ads. The ads themselves are all being served up from some other site anyway, so even if I allow the scripts coming from the site itself, the ads are still blocked, which is fine by me.

      If advertisers really want me to see ads, the simple solution is to stop being assholes. Stop using tricks like native advertising to deceive users, stop redirecting to God knows which questionable and potentially malicious sites, stop advertising scams, and in general stop being so hostile. They'll piss and moan about how I'm taking away advertising revenue, when really, all I want to do is keep myself and my machine safe. You guys are the ones who started the hostile behavior, not me, so don't be surprised when I react accordingly.

      If they really want me to see ads, it is simple. Have an image, using standard basic Img tag, saying 'Drink Brand X Cola!' or whatever, clearly linking to brandXcola.com. There, simple. No scams, no malware, no tricks, transparent and honest. If they don't want to do that, then it's not my problem if someone's unethical behavior bites them in the ass.
      • >"If advertisers really want me to see ads, the simple solution is to stop being assholes"

        But the reality is, that will never happen. They will never stop using:

        1) Animation of any type (scroll, change, fade, flip, whatever)
        2) Video of any type
        3) Sound
        4) Pop-overs, pop-unders, mouse-overs, and overlays
        5) HUGE portions of the screen

        The genie is not going back into the bottle. Had they never done the above, I would never have had that much motivation to block them. And that is even before considering th

        • by Anonymous Coward

          Don't forget, #6: Malvertising. The "wink, wink, nudge, nudge" game with the blackhats, so their ad server "by accident" serves up malware. Because the ad places don't care to clean up their act, ads are a security threat, and arguably the biggest infection vector next to phishing these days.

          I run ad blockers for security. If a website demands ad blockers be disabled, they are lumped in as an accessory to computer trespass, and I go somewhere else.

        • Re:Javascript (Score:4, Insightful)

          by Opportunist ( 166417 ) on Saturday November 10, 2018 @09:14AM (#57621730)

          This is basically why the ad industry is in the huge pit they're in today. You might notice that the amount of sites that beg and whine to turn off the adblocker has increased in the past 1-2 years. Why? Because now even the computer illiterates block ads.

          Ads have always been part of the internet. Pretty much since the first time the masses entered with AOL there were banners. And ads got more and more invasive because they could. They'd pop up, over, under, blare from speakers and go fullscreen video. Why? Because advertisers were used to getting away with it from TV. What would you do? Change the channel?

          What they didn't take into account was that on a computer, the owner of the computer can easily turn off their obnoxious invasion. But that was ok. The ones that could were few and far between. And the illiterates were plentiful enough to keep the ad industry going.

          But apparently not enough people clicked their ads. Even when they tricked people by disguising them as "close" buttons. So ads got more and more invasive, because apparently the ad industry thought that people somehow missed that full screen flashing and honking ad. And at some point the breaking point was reached: The illiterates installed ad blockers.

          To give you an idea what we're talking about: We're talking about the user that dutifully closes 20 error messages when he starts his computer from programs that didn't quite uninstall properly. The user that doesn't care that his i7 is slow as molasses when browsing because of the 99 tracking plugins littering his browser, or that he has a browser real estate of a stamp on his 28" screen due to all the plugin bars that somehow got installed. The ad industry managed to piss off THIS user enough to get off his ass and install an ad blocker.

          And he's not gonna uninstall it. Can you imagine just HOW much you have to piss off someone like this to block your ads? You could promise him a new car to uninstall that ad blocker and he won't uninstall it. That ship has sailed.

          • This is basically why the ad industry is in the huge pit they're in today. You might notice that the amount of sites that beg and whine to turn off the adblocker has increased in the past 1-2 years. Why? Because now even the computer illiterates block ads.

            I've installed adblockers on several grandma's computers to rejuvenate them. Suddenly the thing runs much better. And ther's nothing like Grandma net to get the word out.

            Regardless, not allowing me into their site because I have ad and script blocking means I still won't see their malware bearing bullshit. So it still means they fail.

            The ad industry managed to piss off THIS user enough to get off his ass and install an ad blocker.

            And he's not gonna uninstall it. Can you imagine just HOW much you have to piss off someone like this to block your ads? You could promise him a new car to uninstall that ad blocker and he won't uninstall it. That ship has sailed.

            Exactly. I've used ad blockers since maybe punch the monkey days. Now? Mainstream. Do not piss off the people that are hard to piss off. Especially with assholes like me th

      • That's how I do it. I use NoScript, and rarely ever see ads. The ads themselves are all being served up from some other site anyway, so even if I allow the scripts coming from the site itself, the ads are still blocked, which is fine by me.

        ^^^THIS. NoScript will block 99% of ads just by killing Javascript.

        I use NoScript and Adblock, and I never see ads. I've forgotten what they look like. So much so, that when I used a friend's PC the other day I was just flabbergasted by all the ads littering the page. "Hmmmm," I thought, "this is ungood."

        A few clicks later I had installed NoScript and Adblock, and peace and tranquility reigned throughout the land again.

        He hasn't stopped thanking me since- "And the pages load so fucking fast dude!!"

        He's now

        • I've forgotten what they look like. So much so, that when I used a friend's PC the other day I was just flabbergasted by all the ads littering the page. "Hmmmm," I thought, "this is ungood."

          A few clicks later I had installed NoScript and Adblock, and peace and tranquility reigned throughout the land again.

          He hasn't stopped thanking me since- "And the pages load so fucking fast dude!!"

          He's now on an absolute crusade to install NoScript and Adblock on every PC he sees, lol.

          This! The times I have for one reason or another had to ride the net bareback, I've found it almost unusable. And has anyone wondered why smartphone users are getting more and more bandwidth? not to do anything but allow them to get more ads. I used to blow through my cap regularly until I started tethering a laptop to it. Now I have much un-throttled data to use.

      • i wonder what kind of websites do you visit that still work properly with javascript disabled.

        • Most of them more or less work, and even if they don't have full functionality, it's usually still good enough. It's a trade off: security for mild annoyance. But the nice thing about NoScript is that you can select which sites you want to allow scripts from, so I can selectively allow some things but not others.
    • Yep. I disable javascript on every website that try to shove videos at me, since they've managed to defeat autoplay-blocking plugins. "Content" videos are more annoying than most advertisements anyway. And while the site may not work without javascript, if it doesn't that simply means it won't get further visits.

    • >"If ads get too pervasive and hard to block people could just disable JavaScript completely."

      Which breaks 90+% of all websites. This isn't 1990 or even 2000. Sure, you can spend countless hours trying to use something like Noscript to select which domains, and which portions, and which scripts, and where, and update them constantly as things change and every time you encounter a new site, and constantly troubleshoot what is breaking what. But the overwhelming majority of people have neither the techn

  • by Gravis Zero ( 934156 ) on Friday November 09, 2018 @09:14PM (#57620500)

    If you want to get rid of ads, you shouldn't be looking to completely prevent them from loading because that's an eternal game of cat and mouse. Instead, you should be looking to poison advertisers click-though information. Basically, fooling ads into thinking you have clicked them and loading things in the background (after you have loaded the page excluding the ads) would have a very negative effect on advertisers because it spoils the very thing they keep track of: who clicks-through to a site. If most people provided a completely false click-through and browsing information it would diminish the value of ads entirely.

    Honestly, people are fighting ad networks all wrong.

    • by Anonymous Coward on Friday November 09, 2018 @09:37PM (#57620556)

      Clicking on ads automatically on behalf of users would be very dangerous. I'm an author of the paper discussed in the article, and we looked at one ad-blocker that actually does this (specifically it clicks on ads to check whether they link to an ad statement page). It turns out that you can fool the ad-blocker into thinking something is an ad, which then causes it to click on an arbitrary link of your choice... You could use this for DDoS purposes, cross site request forgery attacks, etc.

      • I'm not suggesting using a perceptual ad recognition for poisoning ad networks but rather the list based method. The entire concept of the perceptual ad recognition is flawed and is even more of a cat-and-mouse game than list based detection. If anything, the perceptual ad recognition should be used by list maintainers to identify new ad new domains to their lists... just not automatically.

    • by epine ( 68316 )

      If most people provided a completely false click-through and browsing information it would diminish the value of ads entirely.

      Your analysis is not even on the right set of train tracks.

      Current compensation formulas might well involve relative conversion rates (I don't follow this closely), but that's merely convention.

      What actually matters is the absolute conversion rate: number of widgets sold, and average selling price. As long as those two quantities are in the black, advertising will remain a going con

      • What actually matters is the absolute conversion rate: number of widgets sold, and average selling price. As long as those two quantities are in the black, advertising will remain a going concern.

        That is correct. That is because such widgets are seen as being valuable. If millions of people are clicking through then it's going to turn into a liability. Suddenly your advertisement is a call for a self-inflicted DDoS. Electrons are cheap but not free and if you are getting DDoS'd because of an ad you paid for and not getting real traffic then it may just be more trouble than it's worth. Sure big players might be able to withstand the strain but smaller ones will be taken offline and going offline

    • Go a step further. Exchange the information with all the other instances running the ad blocker and have them ALL click the ad. The company paying for the ad gets charged a HUGE bill for all the clicks, notices zero revenue from it and stops advertising.

      Problem solved for good.

    • Instead, you should be looking to poison advertisers click-though information.

      Yep- we should make the advertisers efforts useless by filling their click-through databases with mountains of irrelevant 'data'. If we all clicked away like psychos their analytics would be worthless.

      Unfortunately, the prevalence of malware in ads (and in their target pages) prevent me from doing this (plus I use NoScript and Adblock, so I don't actually see the ads).

  • would create and update lists of sites they blocked.

    And you can always manually individually block sites/domains.

    Soon it will really suck if the domain you created has the letters ad in it,

    As opposed to AdBlock which exchanges cash to allow some advertisers to "bypass" built in blocks.

    • by Anonymous Coward

      I have been running a Raspberry Pi with Pi-hole and I never see ads. The Pi-hole blocks the DNS calls for the ad networks, so they never even are called to block them. I don't know how long this method will be effective, but this, coupled with uBlock Origin, Decentraleyes, Privacy Badger, Token Tracker Stripper, and some about:config settings leaves me pretty good to go for the last couple of years. Again, I don't know how long before this becomes defeated. I think the best method is DNS blackholing of ad d

  • by Bryan Ischo ( 893 ) * on Friday November 09, 2018 @10:37PM (#57620694) Homepage

    The problem I have seen with ad blockers (and admittedly, I have only tried a few, and haven't put a lot of effort into trying to find the best or most useful one) is that they work by preventing the loading of certain parts of web sites. Like, they refuse to load images from a certain domain, or refuse to load and run javascript from a certain domain, or whatever. The important point is that I believe they work by not loading content that they want to block.

    It is my experience that sites can detect this behavior - they can tell when you have loaded all of a page but not the ads, because they can see that your browser only fetched part of the page. They probably also embed javascript in ways that require that it be run and show an ad or else some other javascript notices that this did not happen, and then knows that you did not load the ad. And then they run other javascript that blocks out the content of the site itself because they have detected that you are running an ad blocker.

    I don't know why ad blockers don't then just implement the obvious:

    Load the ad. Load the javascript. Just turn all the pixels that you display for those ads to white, and all the sound to zero volume. The javascript won't know that behind the scenes the APIs that would display images have instead decided to show white pixels. The remote server will still see you fetching all the content and "presenting" it to the user.

    I'm talking about switching ad blocking from a detectable and defeatable "don't show ads" to an undetectable (by the ad displayer) "do everything you would have done up to the last possible moment which is the presentation of the ad image/sound, instead showing nothing".

    This seems so much more foolproof to me. It doesn't have the nice property of reducing your bandwidth usage by not even loading ads but ... I personally don't care much about that. I just don't want to see the ads.

    The only recourse of the advertisers at that point would be to make the content of the ads intrinsic to the content of the site; like the site text renders in javascript that also renders ads, or something. At that point, I don't know what we do to stop ads ... maybe stop allowing javascript?

    In terms of how to detect what is an ad, just let users clock on anything that shows up as an ad image, choose a pop-up "this is an ad", when they select that, white out the image, and add the URL of the ad image to a voting database. Then when fetching images, if enough votes have been cast saying that it's an ad ... treat it as such.

    What are the obvious flaws to this design that I am missing?

    • by markdavis ( 642305 ) on Friday November 09, 2018 @11:28PM (#57620796)

      >" don't know why ad blockers don't then just implement the obvious: Load the ad. Load the javascript. Just turn all the pixels that you display for those ads to white, and all the sound to zero volume. [...]What are the obvious flaws to this design that I am missing?"

      1) Because that still causes the page to load very, very slowly. Try it- the speed difference is almost unbelievable on many sites. Many sites that load and render in 3 seconds suddenly take 6, 10 or even more seconds.

      2) Because it doesn't help prevent tracking and spying.

      3) Because it doesn't reduce bandwidth/date usage.

      4) Because it doesn't reduce memory, CPU, and power/battery usage.

      • Because when another drive-by-download or execute vulnerability pop up, it won't help you to load in background you are as vulnerable as loading in plain sight.
    • > And then they run other Javascript that blocks out the content of the site itself because they have detected that you are running an ad blocker.

      If you are blocking content because someone blocked ads then users will just go elsewhere to get that content.

      Forbes does this bullshit. Guess what, I don't care about Forbes anymore.

      Your broken business model isn't my problem.

      • Forbes does this bullshit. Guess what, I don't care about Forbes anymore.

        Same here. I used to go to Forbes, but with their aggressive "Turn off your ad blocker" shit, I abandoned them. Like you, I don't care about Forbes anymore.

      • Forbes does this bullshit. Guess what, I don't care about Forbes anymore.

        Your broken business model isn't my problem.

        Never let this die:

        After demanding that people disable their ad-blocker, Forbes served them up the Angler exploit toolkit https://www.networkworld.com/a... [networkworld.com]

        The article claims it isn't Forbes fault. Well, kindasorta isn't. But Forbes and all other sites using this ad model share in the blame. Fix it so you aren't serving up computer STD's

        • Wow. Thanks for that link! I'm going to coin a new phrase:

          Practice safe hex -- use an ad blocker.

          • Wow. Thanks for that link! I'm going to coin a new phrase:

            Practice safe hex -- use an ad blocker.

            Remember, if they insist on you dropping your adblocker, and you just navigate away, they have lost twice.

            The ad service doesn't get their ads seen, and the site takes a hit on page views.

        • And this is why I don't turn off my adblocker just because a site begs me to. It's very rare for a site to have exclusive content that I really, really want to see.

          If it's a news story there will be other sources. If it's a video....maybe I just won't be able to see it. I'll live.

          If there's malware, I'll avoid it.

    • by Megane ( 129182 )
      Often I find that if I block another chunk of something, it blocks their blocking detector from loading. After all, web monkeys rarely even have the ability to write good and robust code, they just link in some crap from another web site.
  • Between those two I can't remember the last time I saw an ad, and if I do uBlox will generally zap it for me if I point it at it.
  • Early generation technologies are often fragile in superficial ways.

    Big whoop.

    The main counterexamples come from startup ventures who define turd polishing as job #1.

    Eventually even the sane do have to polish the turd (in the context of an adversarial arms race) to achieve mass deployment. Ideally, you financed your startup to also succeed at stage Number Two.

  • FTFA :

    One attack ... slightly altered the AdChoices logo that is commonly used to disclose advertisements to fool the perceptual ad blocker.

    Am I missing something here? A slight visual alteration can defeat the recognition of a ad graphic? Yet we are in an era of face recognition and self-driving perception software - and only waxwork dummies' faces look constantly the same, and I doubt that every road "Stop" sign is pixel-perfect identical.

    • What you're missing is that the technology they tricked isn't production-quality yet. It's still mostly a research project. There's no need to improve the image recognition at this point, because that's not where they're focusing. Once the interesting work is done, that's part of commercialization.

  • I am pretty sure that I've seen Perceptual Ad Blockers on Doctor Who. They're kind of like psychic paper, only in reverse.

  • by cshark ( 673578 ) on Saturday November 10, 2018 @07:36AM (#57621538)

    You know, I've given internet marketers a chance to explain themselves. An opportunity to prove they're not complete morons who not only don't understand their product, but their customer. I've been patient with them as they introduce new and ever more obnoxious and invasive advertising techniques that are heavily lauded, but that don't actually work. I've read their blogs. I've commented on their forums. I've tried to speak reason to power. And now... I'm done.

    As I've explained to these intrepid idiots in the marketing industry for the last decade, people block ads because they're a blight. They're implemented poorly. They often contain malware which largely goes unpoliced, and they diminish the reading experience on pretty much any site they're on. If you're on a website, and the ads don't completely destroy both the credibility and quality of the host site, you're probably on buzzfeed. Nearly everywhere else, you're going to notice this nonsense.

    The war on adblockers is a lost cause. Breaking adblockers is not going to result in higher clickthrough rates. It never has, in the entire time it's been around. If a user LOVES your website, they might whitelist you. Short of that, they'll bounce and get your content from somewhere else. Calling attention to and requesting a modification in the software a user runs is a violation of user rights. Period. Plain and simple. And it raises suspicions about the host site, bringing to the user's mind the other invasive practices a site might be engaged in, and the handling of their personal data in general. If you wouldn't demand to look in someone's underwear drawer when selling them a newspaper, you shouldn't engage in the ongoing harassment of your users in this way. There is no moral difference.

    Asking users who are taking aggressive steps not to see ads will only result in lower documented clickthrough rates. It'll result in more bounce traffic. It'll result in fewer people showing an interest in your site, and less exposure over social media. Mind you, a lot of people that have never clicked on an ad in their lives think nothing of sharing your article with their network of followers. If you track the engagement numbers on sites that behave in this way, you'll see a downward trend overall in their engagement numbers -- resulting, ironically, in fewer ad impressions, and fewer clicks.

    I don't know if there's anything to do about it. If the industry wants to sit there and gnaw off its own leg, they're welcome to do it. And I'm sure they will. Like I said in the beginning of this rant, they're not exactly the brightest bulbs to begin with.

    • The war on adblockers is a lost cause. Breaking adblockers is not going to result in higher clickthrough rates. It never has, in the entire time it's been around.

      Two hunters are out in the woods when they run across a huge grizzly bear which rears up ready to charge them. One hunter stoops down and starts tying his shoelaces. The other hunter says "What are you doing? We have to get away from the bear!" The first hunter says "I don't have to outrun the bear. I just have to outrun you."

      That's the s

      • by cshark ( 673578 )

        That's interesting. Reminds me of Robert X. Cringely's strategy for defeating phishing. Much the same idea. I'm all for it.

    • by Megane ( 129182 )

      An opportunity to prove they're not complete morons who not only don't understand their product, but their customer.

      The first rule to understanding your customer is to correctly identify your customer. The "customer" is not the one viewing the ad, nor the one who inserts some includes in their web site so that the ad can be displayed in exchange for pennies. The customer is the one who is paying you money, the one who created and paid for the ad to be shoved in front of eyeballs. The companies that shove the ads around have identified their customer, and their product. The product is YOU. (everywhere, not just in Soviet

  • Use NoScript. NoScript will kill 99% of ads just by stopping Javascript. If they insist on having Javascript enabled then I'll abandon their site and go elsewhere.

    If they force unavoidable ads on us, we'll all just start clicking away like mad motherfuckers and bury them in useless, irrelevant clicks. I'll click on every fucking ad I see and never buy anything.

    I do the same thing (more or less) with cold callers who want to sell me duct cleaning or tree trimming services over the phone. I say, sure, come on

  • Isn't this whole throwing unwanted ads in your face against your will and intention abusive?
    Who are the goon-robots programming this shit and the idiots trying to make a buck with this got nothing better to do?
    Popup in your face - please subscribe - and have to act upon plugging an email address like "Ihate..." in..
    The behavior causing this should be penalized with mandatory pot smoking and we will see progress happening very soon..
  • The problem of adversarial images has been studied since 2013. There are over 1500 papers citing the original paper. https://scholar.google.ro/scho... [google.ro]
    • Off topic, but the same idea, of adversarial images, has been turned into a kind of imagination machine in 2014 by Ian Goodfellow (Generative Adversarial Networks - GANs). https://scholar.google.ro/scho... [google.ro] . (5600 papers!) They train two neural nets engaged in a game of forgery and forgery detection. The generator net takes in a random noise vector and creates an image. The discriminator network takes in the fake image, other times real images, and has to say which is which. This makes the discriminator le

Let the machine do the dirty work. -- "Elements of Programming Style", Kernighan and Ritchie

Working...