Ad Blocking is good security
It is so easy for web sites to be compromised that it makes good sense to run an ad blocker as well as tools like no-script. Very few sites actively enforce a rapid patch policy to guard against new attacks. Most large scale hosting providers are months behind the bleeding edge of attack vectors. This also seems to apply to operating system vendors (but they are getting better).
Facebook is to be commended for vigorously enforcing security measures to provide a safe space for users, but that ignores the fact that over 90% of the web sites that use anything beyond simple HTML are subject to attack via tools like SQL injection. To expect us to manually disable our ad blockers every time we use Facebook is silly. A word to the Facebook engineers: focus your efforts on taking down the script kiddies and work with the backbone providers to stop infected content at its origin. Facebook marketing: ads don't have to be intrusive to be effective.