Singapore tells its people: Go forth and block those ads The government of Singapore issued its populace a recommendation for ad blockers this month, calling them “underrated scam protectors” that sieve out fraudulent online ads. “As its name suggests, ad blockers prevent ads from appearing when you are surfing the internet. Many scams that are posing as innocuous ads will thus not …
The article's description of ScamShield from the Singaporean government doesn't sound great from a privacy perspective. I don't doubt that it does track and block scammers, but it is also in a position to collect a bunch of private communications. Singapore is not a government well-known for respecting its citizens' rights, although to be honest there are few governments with an unblemished record on that.
I was hoping to find a technical analysis of the system online, but some quick searches didn't turn one up. It did find a wonderfully disconcerting FAQ page. I'm not sure whether the phrases there are legitimately summarizing the risks for a nontechnical audience or trying to gloss over the truth, but the parts about privacy and security risks appear wrong. A few examples:
I am not familiar with any permission that works like this; usually, it's all SMS or none, not just ones from unknown numbers. For example, the service for handling calls doesn't have any exceptions built into it, so unless they're using something else, they see all incoming and outgoing calls.Are there any privacy concerns with using the app?
No, both iOS and Android have strict privacy rules on what ScamShield can or cannot read. If a message comes from a contact saved on your phone, the SMS will not be sent to ScamShield. [...] Only messages sent by unknown persons via SMS will be read by the AI.
Once installed, can hackers hack into my phone if the app is compromised?
As the app does not individually identify any users, and it does not access any other data on your phone, you and your phone are not at risk if the app is compromised.
This is just wrong. It doesn't identify users, unless the attackers manage to compromise the app in which case they can do that themselves. Whether there is a unique identifier has little or no relevance to whether an attack could happen. I think they might be saying here that the backend system doesn't send commands to the app, thus a compromised backend wouldn't allow code execution on the app, but the text doesn't say that specifically so it's just a guess.
I attempted to check the permissions using Exodus, an Android app privacy checker, but it can't scan it because it's restricted to Singapore.
>” don't forget these ad-blocking tools come with features to whitelist adverts on your favorite, trusted websites ”
However, as we know websites have little control over what the ad networks deliver so still need to vet and drop/block ads even on favourite websites…
Sorry, Android users, although there's probably a Chrome extension that does the same thing
Vinegar is a Safari Extension that blocks Facebook and Youtube ads when watching videos
And it's so effective, when you have the need to use the normal FB or YT app, you realize what such a poor experience video consumption is on mobile devices
"But, what of the poor content creators who are not getting Ad revenue?"
You mean the same content creators that stick a minute's worth of "This video is brought to you in partnership with" in every video?
Showing the same ad or series of ads repeatedly does not make anyone want to rush out and buy the product.
Absolutely!
In fact, if an ad is too awful, I will just decline to do business with the company behind it!
I offer that as a suggestion for the tiny minority who have not considered this yet...
Oh but they do.
I am subscribed to a YouTube channel called History Channel that plonks an ad in the middle of videos. It's always the same ad, I almost know it by heart, and nothing gets rid of it (yet). When the ad starts, the progress bar at the bottom of the video is erased and goes blue, showing the progress of the ad. When the ad is done, the progress bar reverts to its previous position and colour.
No clicking on the progress bar to speed through the ad either. All that to push me to go see their videos on their paying platform. Well sorry, but I'll submit to your ad rather than giving you money in exchange for not having that ad shoved down my throat.
If you had been polite enough to allow me to skip it, I would think about joining up, but this forced ad viewing just puts me off.
I have recently found a YouTube Ad Blocker, I'm soon going to see if that works.
"Especially reputable internet publishers who have an in-house team that polices the ads shown, cough, splutter."
I don't run an ad-blocker. I run Privacy Badger. Which blocks sites that implement tracking, despite being sent a "do-not-track" header. Which mysteriously nukes 99% of ads on this site. There was a time a bit ago, where the occasional advert appeared - presumably because it was not trying to track me.
You need to police your advertisers to stop them attempting to steal information from the site users - plainly they are trying to find out (without asking you) where else the typical Commentard goes on the internet. Not cool.
Still no subscription option?
And perhaps policy better something that may be small, but is a huge pet peeve of mine: ads that resize the box they're shown in.
I don't run an ad-blocker at all[1] and here at El Reg it is very common that an ad loads or reloads in the middle of the page and changes size, making all the text jump up or down one full paragraph, sometimes more.
This is an infuriating behavior.
[1] I can't install one because I don't have the permissions. That is what passes for "security" over here... oh, well...
It's been a long time since I last looked into which Ad blocker is the best. Many years ago I installed UBlock Origin on my Firefox, and I've been using it ever since. Is it still any good? Is there a better alternative that people here can recommend?
I'd also be interested to know if there are any decent Ad Blockers for iOS and iPadOS. Didn't Apple do something to reduce their effectiveness a while back?
>Many years ago I installed UBlock Origin on my Firefox, and I've been using it ever since. Is it still any good?
Are you seeing ads? if not uBlock is doing its job.
It is perhaps a little scary, given how we have been conditioned by "shouty" apps and businesses, that something can quietly do the job it was intended over many years without regular fanfare...
Personally, on my various systems I've tossed a coin and installed either uBlock Origin or Adblock Plus (Eyeo), not noticed much difference, other than recently Adblock Plus has opened its donation page.
running on a Raspberry Pi, and manually configured to block access to the domains of certain advertising networks.
Advantage: any device that connects to my Wi-Fi and that allows a proxy to be set in its advanced Wi-Fi settings (read, all Android and iOS devices) benefit from the blocker with no further fuss.
Disadvantage: I cannot create exceptions for specific publishers like The Register.
I can however control the list of which advertising networks I block. Generally I add a network to that list if and only if it gave us a malicious advert, like one containing JavaScript that takes over the entire browser automatically sending you to a scam site that activates your phone's vibrator saying there's a battery problem and you can't get back to the article you were reading.
I don't want to block well-behaved adverts that stay in their place and support the publishers I'm reading, but I do want to block the particularly obnoxious adverts that try to take over. Unfortunately I can only do it at the level of the whole advertising network: if the network lets through one bad advert, then the whole network gets blocked by me. Overblocking I know but what else can you do. At least I'm putting a tiny bit of pressure on the networks to be more careful I guess.
But The Register's DoubleClick is blocked because I used it as a test case to make sure the proxy was working before I started writing the real list. Maybe I should give that one another chance.
to the advertising industry's insistence on calling an advertisement an "ad". It's like they're trying to make it look nicer just by using a "cute" abbreviation of the word so the older generation won't understand. It's advertisement, ad-vert-ise-ment, four syl-la-bles OK? or "advert" if you must, but not "ad" please.
> don't forget these ad-blocking tools come with features to whitelist adverts on your favorite, trusted websites, cough.
If said favourite website followed best security practices for their end users, they would host the adverts themselves as a simple html banner and link. That's also guaranteed to bypass adblockers.
Creating Javascript was already a bad idea, but giving it to ad pushers was the worst idea of all.
There is only one solution : create a new ad-oriented script language that all reputable ad agencies subscribe to.
This AdScript would not allow manipulating window size, taking over control or preventing the user from closing the window or going back. It would only allow displaying a static image and some static text, with a URL at the bottom. Nothing moving, no flashing, no hidden controls, and no way to do anything else than display the text and image.
Personally I would prefer no image either, but no ad agency would agree to that so . . .
If that subset of JavaScript was created and all ads submitted to it and all ad agencies forced its use, I think ad blockers would become useless.
Not holding my breath though.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
