No one is talking about specific malicious sites, people are talking about entire ad networks being infected, something that has happened multiple times in the past.
When every site gets their ads served from the same central location and that location is compromised, everyone is at risk unless they have strict anti-ad rules implemented.
Every site doesn't do that, though. Almost B2B (non-consumer) sites sell their ads directly to clients (major companies) and don't have malware come through. It's only the ad networks that really are guilty of selling ads to people they don't know and getting the bad creative. If ad blocking software was really about stopping malware they would recognize this and have a way of certifying sites that do business directly and don't allow ad networks.
Why are you trying to bring about change with one hand tied behind your back? If there was a public vote about whether to outlaw the use DRM software would you vote against it on principle because, "if people really didn't want DRM, they wouldn't buy products with DRM"?
If a large enough segment of the population uses an ad-blocker it signals a clear and direct message to site-owners and ad network's wallets that you won't put up with ads and that they won't make money from you until they come up with a different business model. What could be better? It's way more effective than just leaving, emailing the webmaster, or writing an angry blog post.
I long for the day when I don't need an incredibly aggressive content filter on the web for it to be usable, safe, and private.
>If a large enough segment of the population uses an ad-blocker it signals a clear and direct message to site-owners and ad network's wallets that you won't put up with ads and that they won't make money from you until they come up with a different business model.
They're going to take the 'easier' route of trying to keep bypassing the blockers than changing the entire revenue model. That's why supporting websites which are founded on a non-advertising revenue model is crucial.
>It's way more effective than just leaving, emailing the webmaster, or writing an angry blog post.
You claimed you were for people getting rewarded for their work, just not by using methods that you don't agree with.
If you are truly principled then you would avoid going to websites that have those ads and only go to websites whose revenue model is aligned with your interests.
I try in all possible situations to only visit sites that I think aren't causing damage to the landscape of the internet but again, that is a separate issue to me choosing to block all ads. When I browse a content aggregator or a friend sends me a link I'm not going to research each site before clicking the link, I'm just going to click the link if I think it will be interesting. And I'm not going to be okay with exposing myself to security vulnerabilities. Browsing the web I have a right to protect myself, and I'm not going to be somehow guilted into removing that protection.
Okay, now we're getting somewhere. So what do you do for a website that doesn't have ads? That website could still attack with you JS bugs, HTML rendering bugs, JPG/PNG rendering bugs, etc.
You're still not really completely protecting yourself. So it seems to me like you're hedging your bets by assuming that primarily websites which have ads are a liability, but websites with no ads, but with equal opportunity for exploiting vulnerabilities are not.
To be fair, there's good history of this to back his assertion. Ad networks have frequently had exploit kits dropped on them.
Not only that but the ad networks also get all your details which makes Internet advertising quite unlike other advertising.
If the ad networks have no "ethics" I see no reason to feel an ethical obligation back. Sucks for content providers, yeah, but if they have to die to get rid of the sketchy ad networks so be it.
I'd be willing to whitelist ad networks which were sandboxed and could only show me straight up images proxied through the first party site. Anything more than that and I'll show some control of my own hardware and block it. Ultimately, it's my hardware, if it does anything I don't like, I have a right to fix it.
When every site gets their ads served from the same central location and that location is compromised, everyone is at risk unless they have strict anti-ad rules implemented.