Not asking for tech support here, just wondering if in theory it would be possible to create a plug-in or even a complete browser that blocks ads in a way that’s impossible to detect. One model that comes to mind is a quarantined / containerized non-blocking virtual browser which queries the web server directly, then the UX filters the content from that container and presents it to the user ad-free. As far as the web server can tell, the containerized browser is just vanilla Chromium.
The way you’ve described it is basically how it would have to work.
Various ad-blocking detection technologies basically boil down to loading some element on the page and then querying for it during/after rendering to see if it’s still there. This could be combined with an AJAX call to load the actual content, which is how all those annoying sites work that pop a nag up in your face if you’re running uBlock or whatever. And even then you don’t get the content even if you subsequently block the nag notice.
A truly undetectable adblocker would still have to pull down and load all the ad content and render it somewhere (invisibly in the background, presumably) and then serve a second cut down version of that page with the ad elements not rendered.
Edit to add: This would be somewhat detrimental to the user, because it would by necessity not stop the types of tracking that are typically built into served ads. Current adblockers (like uBlock Origin) also by default also block various advertisers’ nonsense like cross-site tracking cookies and tracking pixels, etc.
Thanks, this is the sort of info I was looking for.
Well, yes and no. The shadow browser could randomize its signature and purge temp files in each load, or something like that. Or maybe even reverse-engineer the expected payload structure from major advertisers and send garbage back to them.
The problem isn’t so much blocking the ads on a page, that’s a solved problem, it’s doing so without incurring side effects. The main problem usually comes in two ways.
-
Ads are now being pre-baked into the content delivery itself in which there is no easy way to rip it out without destroying the content in some way. Twitch is notorious for this on streams where the ad portion completely replaces the video feed before your browser ever sees what was originally there. You may never recover what was there, but if you try to block the ad playing you trigger problem 2.
-
There are departments dedicated to developing ever changing anti-adblock scripts and detectors that enforce ad placements and detect tampering. In some cases this results in punishing the user by refusing to deliver content until the ads load, blocking or kicking the user off the page, throttling connections or access, or in Twitch’s egregious case, more invasive ad interruptions. This has become a never ending arms race with ad blockers to keep up with minefield of invasive scrips monitoring what you do with their website.
TLDR: Ad blockers like UBlock Origin are already filtering how you’re asking for bur advertisers are attacking the plugins themselves and have their own arms race of scripts to punish those who interfere.
I have definitely noticed an increase in embedded ads. I listen to a lot of podcasts and the “cool” thing with those is to detect where you are downloading from and inject local/targeted ads into the ad breaks. Fortunately the 30-second skip button still works.
-
I wouldn’t say that it’d be strictly impossible, however if it can be done then it would come at a considerable cost to useability, versatility, etc.
One adjacent concept that comes to mind is the use of the
:visited
CSS tag to extract a user’s browsing habits. I remember seeing a demonstration of this where an “are you human” captcha was shown but the choice of image in each box was controlled by the:visited
tag. I can’t find that post, but this medium article demonstrates a similer concept. There are mitigations to this luckily, but a fullproof solution would be to remove the tag’s functionality altogether, which would make certain websites (like the one we’re on right now!) much more inconvenient to use.It seems trivial to me for a website to detect user behaviors that indicate the use of an adblocker. For example, if a request for a page is immediately followed by a request for a video on that page, rather than after 5-60 seconds, then they’re likey using an adblocker. If there is an ad placed between two paragaphs in an article, but two distant paragraphs are visible at the same time, it is more likely (although not guaranteed) that they are using an adblocker. If a user triggers an abnormal amount of those heuristics then they get flagged as an adblocking user.
What you’re saying makes sense about detection. I think my theoretical model might work around some of those, but then there are the user behaviors you’re talking about that could still give it away.
I’m having trouble finding it again, but I remember seeing some articles a few weeks / months ago that Google wants to start using some kind of “3rd party authentication” service to make sure you are using an approved and unmodified browser. They want to roll this thing out to as many sites as they can. Of course they will pretend it’s for your security / protection but it’s really to block add-ons / extensions that they don’t like.
There is no “perfect”(impossible to detect in this case) in anything. Perfection is a target that keeps changing.
What can you do when for example YouTube decides to bake in ads directly into the video source(they are actually testing this, although its feasibility is questionable)? You can’t block it, for now. In the future, you might be able to detect that with let’s say CV and AI and might be able to block it then. But then YouTube will do something about it.
They’ll probably include a manifest with the video, telling the player what time ranges are un-skippable. A script could hook into that, and auto-skip them
That’s what uBlock Origin planned to do if YouTube ever decided to etch ads into the video stream itself.
It doesn’t matter how good your browser is when you can only access content through an app.
That’s the way things are headed, I’m afraid. In a few years you won’t be able to load Facebook, Youtube, Reddit, or Twitter(formally X) from a browser.
Bleak but probably true. Cabin in the woods with a good book is my future.
What do you mean all the woods are “gone”?
Paper books won’t be available either. You’ll be watching ads in your cabin where the woods used to be.
They do still have to cater to desktop users, so I imagine accessible websites for those platforms will exist for many years to come.
This is also yet another reason why it’s important to defend desktops in the face of people who think phones and tablets are “good enough.”
“Just download our app on the Microsoft Store/App Store!” /s
An ad-blocking DNS server on your local network should work for apps too, right? (As long as the ads are hosted on known ad servers.)
Should, yes, but the page/site may have ways to detect if the ad loads or not and still trigger “adblock in use”.
A DNS-based approach also won’t work if the ads come from the same domain as the content.
Theoretically, an air-gapped system that is worn on the head, rather than installed to the device would be undetectable.
An AR vision headset that detected known-ad-signatures and could blank or replace ads in realtime, with targetted noise-cancelling to ‘mute’ specific ad audio, could surgically remove ads from any media(billboard, magazine, video, radio, webpage).
Kind of like reverse-Snowcrash augmentation.
The major problem with ads isn’t that they are a visual and audible nightmare (although that IS a problem), it’s that they can affect performance and are vectors for malware.
Love this out-of-the box thinking. Could even do it with a camera and a monitor on the 2nd air-gapped system if you don’t want to go VR route.
Alternatively, a program that is a wrapper for your entire browser/device, that observes video and audio, to automatically carry out the blanking/muting.
Ads load as normally, but are never seen or heard by the user.
If the site tries really hard, they can control serverside how many seconds of ad you watched to decide if you can access any content whatsoever. Something like this is already present on Twitch iirc. So in the endgame the only universal detection-proof solution I can imagine is AI/GPU based adblocker that will visually detect ads on your screen and overwrite them with something else without actually skipping.
That’s kind of what I’m trying to conceptualize. The container, which is invisible and silent to the end user, “watches” all of the ads as normal. But the middle layer then sanitizes that container, almost as if it was a standalone webserver, and then presents the sanitized version to the end user.
Basically it would have to be built into the browser.
You go to a website, the AI enhanced ad blocking browser would then watch the website and then reinterpret what it sees to you the end user minus the ads.
Upside, completely infallible assuming that the website itself is visible to the public. Downside, the entire contents of any website you go to could be hallucinated and you could have a completely separate and unique experience from reality by using said browser.
We really haven’t moved all that far from “pictures of spaghetti”, have we.
Considering that was the peak, where are we now
uBlock Origin already does
I wasn’t aware it did this, but it gets detected all the time, unfortunately.
I assume if the client is undetectable that ads will escalate to phoning home for viewing confirmation, and then to something even more dumb once we beat that.
It’s an arms race, it’s probably silly to think we can just outright win for once and all.
…and then to something even more dumb once we beat that.
E.g. “please drink verification can.”
i think greasemonkey could do this with scripts like load ads into a 0 pixel window or something maybe