Main page...           Popular tags: Electronics (11), Linux (11), Hack (8), DIY (6), Other (6), Retrocomputing (6), Debian (5), Curiosities (4)

Installing adNauseam on PaleMoon and the new malware problem

2017-09-02 13:30:12,  In: Hack, Other

Recently PaleMoon developer decided to blacklist adNauseam extension, so here is a quick method of re-enabling it:
1. Go to about:config
2. Set extensions.blocklist.level to 3.
3. Install addon, go to Tools -> Extensions and turn it on there. Remember that it takes the function of adblocker so will collide with most Adblocks.
4. Watch your addons as this may allow to install uncertain ones in the future (currently only adNauseam has this level). If you want to know, the list is online-updated and is maintained in blocklist.xml in your profile directory. Configuring adNauseam, if your workflow involves visiting only a set of trusted sites you should turn on exception for non-tracking ads.
And small explanation what is it.
The add-on fights with unfair malware-delivering companies (today re-defined as "advertisement") by hitting their collaborators - website authors. Then, according to ideology called "free market", authors should change malware providers to advertisement providers who e.g. throw a gif on account, not inject JavaScript spyware, linked from their servers to analyze headers. This should make profit for all - non-tracking ads are unharmed with adNauseam's defense system and fair providers would have more customers. Unfortunately all these "free market" enthusiasts surprisingly screech and scream when it comes to demonstrating its primary feature in breaking malicious monopoly :). Well, another idea which "works" on a paper only.

   The advertisement problem

Becuase there is a problem with modern Internet advertising. First of all, let's meet one of the most powerful tool of modern propaganda. A term redefinition technique has been widely deployed in 1950s in Soviet Union, and became used more and more frequently. Now it is everywhere. The idea is simple, so let's go with exaple: You call dog "a cat". You tell that e.g. "cat barks", you repeat it again and again and if any other people would do it, the domino and authority effect will automatically relay this information and make propaganda self-replicating. The memetic rule here is that the simpler "conveyor" is, the better replication effect, but it is a result of Shannon theory I don't feel like proving it again :). As a result, previous definition now points to another entity or phenomenon. Currently it is used in advertisement, politics and government so even simple terms as equality, property or freedom have been successfully re-defined to fit into artificial, and usually fictional things.
Now we have another re-definition ahead: Malware is re-defined as advertising.
There is nothing wrong with internet advertising if it's only a proper advertising. But unfortunately, the last time I've seen a good advertisement was near 2002. It was a small GIF located on the top of page, showing a photo of a (probably) Nec Versa notebook. There was a dealer logo and text like: "NEC Versa, Pentium III 800MHz, 128MB RAM, 20GB hard disk, 15" 24-bit TFT, Windows XP - " and a price. It was properly placed - on a site with notebook reviews, so it was corresponding with target. The GIF was about 14kB, so even on slow connections it loaded quickly. However, today's advertisement is different. The ad doesn't disclose any information about product - it is an awful, noisy "clickbait", usually hard to close. "Blink" tag in HTML was wrong for standard-setting groups, but blinking ads in Javascript are suddenly OK. But if the content of the ad would be its only problem, there would be not problem at all.
Nearly every advertisement you see in modern Internet has a sophisticated routines on its backstage. It's not an old good GIF, but a frame loading program from foreign server. This program, written in JavaScript language but processed to be harder to understand (process called obfuscation) is responsible for tracking user. It usually sets cookies utilizing user's memory and disk space, loads additional data, and even (thanks!) monitors keystrokes and clicks on page. This is behaviour of a malware, not advertisement. What ad company can do with data gathered this way? Everything. If company is rich, the law is the weakest protection for consumer.
So in recent years we successfully re-defined malicious software as "advertisement". How about re-defining "Petya" ransomware as security/accounting program?
And adNauseam tries to fight this aspect. It is impossible to stop companies from tracking users by law - the DNT header is like politely asking drunken thug not to rob someone. The only way seems to be to hit in their gains.
So how to use adNauseam morally? First, this is my opinion and my morality is weird (at least chaotic, sorry, you don't have to read this, you have a "Back" button to go back to tech things), but I think that the ad should be definitely whitelisted IF and only IF: Is not tracking user (no scripts/external requests) AND is on page giving the content which was described. Because of this last condition, 90% of Google's results suddenly fail this test - these pages on top of Google's results are meaningless, their only goal is advertising and information presented on them may be false or misleading as their primary goal is to spread advertisement.
There is of course one more problem - the content itself is more and more an advertisement and I avoid using the term "content" for valuable sites as it suggests something to be embedded with ads nowadays, but this is much harder to fix.
10 years ago server space was expensive and there were lots of free hosting services. Today gigabytes on servers are cheap and there's almost no way to publish for free. With hobby sites ecosystem, linking to other site was something natural, a normal extension of information. Now, it's almost gone, and no "copyright for links" law, so persuaded in EU, is needed - just vision of potential gains (search engine rank) for someone else is sufficient not to use links in own sites. So without commercial-grade "SEO" a small website will not appear in Google no matter what - there won't be sufficient links and there won't be chances to get them. Here, Google lands in the same category as these paid web directories. Why PaleMoon developer haven't blacklisted Google for the same reason - "direct and indirect economic damage" - is a puzzle which suggests to take a "follow the money" way to discover motives.
It's a sad thing that users who ran away from Firefox because of Mozilla's chaotic moves and political decisions would have to run away from another browser.

Older post...       Main page       Newer post...