New York Times CEO Mark Thompson caused a minor stir a couple weeks ago when he gave a speech at an advertising conference declaring that “No one who refuses to contribute to the creation of high quality journalism has the right to consume it.” He went on to say that while the Times is “not there yet,” the company may soon prevent users with ad blockers from accessing its site.
But newspaper executives like Thompson often focus exclusively on the drawbacks of ad blockers, leaving a big part of the story untold. Thompson did not say one word in his keynote address about the significant security benefits of ad blockers, which is ironic, because his paper was one of several news organizations that served its users ransomware—a particularly vicious form of malware that encrypts the contents of your computer and forces you to pay the perpetrators a ransom in bitcoin to unlock it—through its ad networks just a few months ago. Several major news sites—including the Times, the BBC, and AOL—had their ad networks hijacked by criminal hackers who attempted to install ransomware on readers’ computers.
Advertising networks have served malware onto the computers of unwitting news readers over and over in the past couple years. Ads on Forbes, for example, attacked their readers in January, right after the magazine forced readers to disable ad-blocking software to view its popular annual “30 Under 30” feature. As Engadget reported, “visitors were immediately served with pop-under malware, primed to infect their computers, and likely silently steal passwords, personal data and banking information.” It wasn’t the first time this had happened at Forbes, either. And it’s not just in the US. A couple months ago, almost every major news site in the Netherlands served malware through its ads to its users.
You can bet this problem is only going to get worse. According to a 2015 study, malware served by advertising networks tripled between June 2015 and February 2015. So the longer people wait to install an ad blocker, the more vulnerable they become.
Even when malware infection is not a problem, advertisers’ pervasive tracking of users on news organization websites is really disturbing to any reader who cares about privacy. One Princeton study that looked at a million websites found that news sites were the most likely to feature trackers—even more than porn sites. The nonprofit research groupCitizen Lab surveyed the top 100 news sites last year and found that many had dozens of trackers running on their website, allowing advertisers to spy on visitors’ every move. Worse, most of the trackers were using unencrypted connections, which means malicious actors could more easily track users’ online movements, as well.
This isn’t just conjecture: The Washington Post revealed in 2013 that the NSA “is secretly piggybacking on the tools that enable Internet advertisers to track consumers, using ‘cookies’ and location data to pinpoint targets for government hacking and to bolster surveillance.”Edward Snowden himself recently said: “If the service provider is not working to protect the sanctity of the relationship between reader and publisher, you have not just a right but a duty to take every effort to protect yourself in response.”
by Trevor Timm, CJR | Read more:
But newspaper executives like Thompson often focus exclusively on the drawbacks of ad blockers, leaving a big part of the story untold. Thompson did not say one word in his keynote address about the significant security benefits of ad blockers, which is ironic, because his paper was one of several news organizations that served its users ransomware—a particularly vicious form of malware that encrypts the contents of your computer and forces you to pay the perpetrators a ransom in bitcoin to unlock it—through its ad networks just a few months ago. Several major news sites—including the Times, the BBC, and AOL—had their ad networks hijacked by criminal hackers who attempted to install ransomware on readers’ computers.
Advertising networks have served malware onto the computers of unwitting news readers over and over in the past couple years. Ads on Forbes, for example, attacked their readers in January, right after the magazine forced readers to disable ad-blocking software to view its popular annual “30 Under 30” feature. As Engadget reported, “visitors were immediately served with pop-under malware, primed to infect their computers, and likely silently steal passwords, personal data and banking information.” It wasn’t the first time this had happened at Forbes, either. And it’s not just in the US. A couple months ago, almost every major news site in the Netherlands served malware through its ads to its users. You can bet this problem is only going to get worse. According to a 2015 study, malware served by advertising networks tripled between June 2015 and February 2015. So the longer people wait to install an ad blocker, the more vulnerable they become.
Even when malware infection is not a problem, advertisers’ pervasive tracking of users on news organization websites is really disturbing to any reader who cares about privacy. One Princeton study that looked at a million websites found that news sites were the most likely to feature trackers—even more than porn sites. The nonprofit research groupCitizen Lab surveyed the top 100 news sites last year and found that many had dozens of trackers running on their website, allowing advertisers to spy on visitors’ every move. Worse, most of the trackers were using unencrypted connections, which means malicious actors could more easily track users’ online movements, as well.
This isn’t just conjecture: The Washington Post revealed in 2013 that the NSA “is secretly piggybacking on the tools that enable Internet advertisers to track consumers, using ‘cookies’ and location data to pinpoint targets for government hacking and to bolster surveillance.”Edward Snowden himself recently said: “If the service provider is not working to protect the sanctity of the relationship between reader and publisher, you have not just a right but a duty to take every effort to protect yourself in response.”
by Trevor Timm, CJR | Read more:
Image: Citizen Lab
