[Rejected] Whitelisting broken sites
Re: Experiment: Whitelisting broken sites
I think instead of a whitelist, there should be a "possible whitelist list"
Make a list of websites that adblock things are broken by being blacklisted. If that website is visited then a message comes up saying "adblock thinks certain elements on this page are not working correctly because they are blocked" then give the user to either:
1- permanently whitelist the content or
2- whitelist the content for a period of time (like 12 hours or something) or
3- disable all whitelist suggestions in the future (for people who really dont like to whitelist)
This gives the non technical users the ability to visit websites that might be incorrectly blacklisted ... At the same time people won't feel like adblock has sold out. There's just a new feature to more easily "unbreak" websites that are broken by popular adblock subscriptions.
If you try to a) force the whole whitelist or b) enable the whitelist by default people are just going to feel betrayed.. I highly advise against it.
Make a list of websites that adblock things are broken by being blacklisted. If that website is visited then a message comes up saying "adblock thinks certain elements on this page are not working correctly because they are blocked" then give the user to either:
1- permanently whitelist the content or
2- whitelist the content for a period of time (like 12 hours or something) or
3- disable all whitelist suggestions in the future (for people who really dont like to whitelist)
This gives the non technical users the ability to visit websites that might be incorrectly blacklisted ... At the same time people won't feel like adblock has sold out. There's just a new feature to more easily "unbreak" websites that are broken by popular adblock subscriptions.
If you try to a) force the whole whitelist or b) enable the whitelist by default people are just going to feel betrayed.. I highly advise against it.
-
- Posts: 4
- Joined: Sun May 15, 2011 8:43 am
Re: Experiment: Whitelisting broken sites
Why do programmers have to make money? Can't they get a job to pay for coding without relying on software revenue.anonymous74100 wrote:Why do websites have to make money? Can't the website owner get a job to pay for hosting without relying on advertisement money.Guest wrote:1) Stop blocking safe ads, allow websites to make some money from ads that people don't mind too much.
Please tell me you were joking there. Either that, or this whole "Write blogs to help people and get money" thing has gone over my head. You don't think the world is so altruistic as to create entire websites for free, do you?
If the userbase is giving no ad revenue, why would they care about it?anonymous74100 wrote:That won't happen. Paywalls reduce userbase, no website wants that.Guest wrote:2) End up at a point where websites can only make money with a paywall.
Re: Experiment: Whitelisting broken sites
Fair enough, I guess I will just have to wait. But I still hope this obviously controversial list and it's policy will be open for discussion and especially adjustment if it becomes reality - at that point "it's just an experiment", "it's a temporary solution", "you can untick the checkbox anyway, don't complain" etc. aren't very convincing arguments. Also, not adressing certain worries that in the current circumstances are pretty relevant isn't helping the list's trustworthiness either:Till wrote:I would if I could but we are discussing about early ideas for general imrovements of ABP, this hasn't been completely worked out yet.I am still not sure what will actually be added to it (and you don't seem to like the idea of providing any examples either)
Hubird wrote:I just hope that this is not ultimately going to be about all about the money. We've seen a controversial facebook campaign to increase usage numbers (seemed a bit weird and unneeded for an open source project), now this whitelist scheme is revealed where only sites meeting the good advertising criteria are listed. From there it is all too easy for money to change hands and the whitelists grow...Michael wrote:Just to clarify: is there any money involved in this decision?
Off topic: I really like the extremes outlined here :
anonymous74100 wrote:Why do websites have to make money? Can't the website owner get a job to pay for hosting without relying on advertisement money.
Guest wrote:If the userbase is giving no ad revenue, why would they care about it?
Re: Experiment: Whitelisting broken sites
Ultimately - yes, this is a potential revenue source for the Adblock Plus project. Not at this stage but probably later. Which is all the more reason to define clear criteria so that the impact of this feature is positive no matter what.Michael wrote:Just to clarify: is there any money involved in this decision?
PS: It's funny to see how a Reddit "news" that somebody created to get users angry about my proposal actually caused a more differentiated discussion than we've seen here so far...
Re: Experiment: Whitelisting broken sites
Will ABP remain open source ?Wladimir Palant wrote:Ultimately - yes, this is a potential revenue source for the Adblock Plus project.
________________________________
ABP Subscriptions
ABP Development Builds
Submit an issue report with Adblock Plus
ABP Subscriptions
ABP Development Builds
Submit an issue report with Adblock Plus
Re: Experiment: Whitelisting broken sites
Yes, Adblock Plus will always remain open source. As I mentioned here (unfortunately in German) - this is explicitly written down in the contract. We have never done anything behind your back in this project and we don't plan on starting.
-
- Posts: 4
- Joined: Sun May 15, 2011 8:43 am
Re: Experiment: Whitelisting broken sites
Can you explain what kind of revenue? Will adservers be able to "buy into" the whitelist? At what point will we differentiate between ads that are clean and are whitelisted for our criteria, and ads that paid to be whitelisted?Wladimir Palant wrote:Ultimately - yes, this is a potential revenue source for the Adblock Plus project. Not at this stage but probably later. Which is all the more reason to define clear criteria so that the impact of this feature is positive no matter what.Michael wrote:Just to clarify: is there any money involved in this decision?
I think it's pretty lucky that all the Redditors who commented there didn't jump over. There was quite a bit of anger there.Wladimir Palant wrote:PS: It's funny to see how a Reddit "news" that somebody created to get users angry about my proposal actually caused a more differentiated discussion than we've seen here so far...
P.S.: The last two "guest" posts were by me--the layout being similar to Mozillazine, I was sure I was commenting from my Mozillazine account. Created a separate account just now.
-
- Posts: 4
- Joined: Sun May 15, 2011 8:43 am
Re: Experiment: Whitelisting broken sites
... Sorry about that. That last post was supposed to be from this account.
Also, a translation of that German link: http://www.microsofttranslator.com/bv.a ... ct#c003537 [scroll down to comment 11].
Also, a translation of that German link: http://www.microsofttranslator.com/bv.a ... ct#c003537 [scroll down to comment 11].
Last edited by Hubird on Sun May 15, 2011 11:54 am, edited 1 time in total.
Reason: Changed Gueat posts to "revolutions"
Reason: Changed Gueat posts to "revolutions"
Re: Experiment: Whitelisting broken sites
how about these? you can select one of them.How should that checkbox be called? It will definitely have a link next to it leading to a webpage with detailed explanation on the purpose and policies but we still need a simple title.
- Adjusting[controling] the level of blockng list
- protective domains(sites) list
- relief[good, trusted] domains(sites) list
Re: Experiment: Whitelisting broken sites
I cannot really comment on the kind of revenue because that would be pure speculation at this point. However, the rules will definitely be the same for everybody - any website on the list will have to meet the criteria. If a website on the list no longer meets the criteria it will need to be removed (which is why I said that the criteria need to be defined in such a way that it is obvious to a human whether a website still meets them).revolutions wrote:Can you explain what kind of revenue? Will adservers be able to "buy into" the whitelist? At what point will we differentiate between ads that are clean and are whitelisted for our criteria, and ads that paid to be whitelisted?
Re: Experiment: Whitelisting broken sites
If you whitelist a ad domain because it follows your points, the server is still vulnerable to hackers exploiting the server and serving malicious ads.
If the server is not running updated or latest patched version then hackers can exploit the vulnerability to serve malicious ads or drive by downloads.
If the server is not running updated or latest patched version then hackers can exploit the vulnerability to serve malicious ads or drive by downloads.
Re: Experiment: Whitelisting broken sites
You can say that again. On anti-malware.ru (Russian security forum) we've had that more than once; mainly nasty fake-AV's that block you out of Windows for a ransom (delivered through holes in Google Adsense and of course easily bypassing regular security suites). Also lots of porn-spammers abusing the usually white-listed image-host servers to shock the community. Just don't tell the webmasters; they don't want to hear about it. It's our problem, not theirs... No wonder people who participate there (mostly security experts) apply a default deny approach and block ANY third party, either with a proxy or with tools like ABP.nitrox wrote:If you whitelist a ad domain because it follows your points, the server is still vulnerable to hackers exploiting the server and serving malicious ads.
If the server is not running updated or latest patched version then hackers can exploit the vulnerability to serve malicious ads or drive by downloads.
P.S.: I hope that if this experiment succeeds, the owners of white-listed resources will apply the "scratch my back and I'll scratch yours" approach and will do everything they can to prevent this from happening.
Paul
Re: Experiment: Whitelisting broken sites
Unfortunately, the same is true for every other website. Ads are only a prominent target because the same ads are used on a large number of websites. It's exactly the same with all the third-party widgets however that are way too popular right now, e.g. I can imagine that hackers would love to hack Facebook's "Like" button (don't worry, the button in Adblock Plus itself is all static, nothing like those on web pages). Which is why I talked about third-party scripts at the beginning, they are very critical security-wise. Unfortunately, it seems that this ship has sailed - webmasters love third-party widgets and I don't see us (or anybody else) in the position to change that. And scripts are the preferred way to use such widgets because the widget providers like to have full control and webmasters usually don't see the implications.nitrox wrote:If you whitelist a ad domain because it follows your points, the server is still vulnerable to hackers exploiting the server and serving malicious ads.
If the server is not running updated or latest patched version then hackers can exploit the vulnerability to serve malicious ads or drive by downloads.
To sum up: I don't like the current situation any more than you do. But we have to choose our battles and try to change what we realistically can change.
Re: Experiment: Whitelisting broken sites
I think that in the struggle between security and usability, the more usable solution should be the default in this case; I'd still default-deny the ad-servers, and if the social-networking widgets get hacked too then I'll start using Fanboy's Annoyances or Adversity Antisocial, but most users are primarily concerned about still being able to use the sites they visit, and they're willing to see ads if that's what it takes to be able to use some websites.
There's a buzzin' in my brain I really can't explain; I think about it before they make me go to bed.
Re: Experiment: Whitelisting broken sites
It seems that you're finally becoming a Noscript fanWladimir Palant wrote:[ Which is why I talked about third-party scripts at the beginning, they are very critical security-wise.