ohryan.ca

A Web Developer in Winnipeg

WhyFireFoxIsBlocked is wrong! Adblock Plus is 100% Detectable!

in ,

whyfirefoxisblocked.com does not know what they’re talking about. Ad Block Plus is 100% lame and 100% detectable.

The following code detects ad block plus:

index.html:
<script language="javascript"> var disabled = false; </script>
<script src="something.js?thisistotrickyou=http://a.as-us.falkag.net/...
dat/njf/41/domain.com/ros_pop_tag.js"></script>
<script language="javascript">
if(!disabled){
// DO SOMETHING HERE, like a redirect
alert("You Are Using Ad Block Plus or some other blocking software! Please don\'t, our site operates on ad revenue."); }
</script>

something.js:
disabled = true;

Proof of concept

Comments

20 responses to “WhyFireFoxIsBlocked is wrong! Adblock Plus is 100% Detectable!”

  1. someone Avatar
    someone

    Except, I am using adblock and your proof of concept didn’t trigger…

  2. someone Avatar
    someone

    Except, I am using adblock and your proof of concept didn’t trigger…

  3. RyanN Avatar
    RyanN

    What filter list are you using?

  4. RyanN Avatar
    RyanN

    What filter list are you using?

  5. thatguy Avatar
    thatguy

    I also happen to use the NoScript extension which probably affects your proof of concept.

  6. thatguy Avatar
    thatguy

    I also happen to use the NoScript extension which probably affects your proof of concept.

  7. RyanN Avatar
    RyanN

    Ah, that’d do it.
    The proof of concept assumes that you have JS turned on.

    I suppose you could hypothetically block an entire site’s content or create a nag message using the <noscript> tag.

  8. RyanN Avatar
    RyanN

    Ah, that’d do it.
    The proof of concept assumes that you have JS turned on.

    I suppose you could hypothetically block an entire site’s content or create a nag message using the <noscript> tag.

  9. Niko Bellic Avatar
    Niko Bellic

    Yup didn’t work for me – javascript enabled, adblock plus enabled. I have a piece of code I wrote that does work – it works for adblock plus and adblock – I’m not using it yet because I’m waiting for my ad service to tell me if its ok to use. Also I’m nervous as to whether Adblock creators will find a way to stop my script from working. So far my script is cross compatible, but I’m afraid of publishing it because someone will steal it and try to pass it off as their own (happened to me once before) -they sell it to others, and also because Adblock firefox developers would find out about it and they’d put an end to it quickly and then it’d be even more difficult to stop people from raping bandwidth and content.

  10. Niko Bellic Avatar
    Niko Bellic

    Yup didn’t work for me – javascript enabled, adblock plus enabled. I have a piece of code I wrote that does work – it works for adblock plus and adblock – I’m not using it yet because I’m waiting for my ad service to tell me if its ok to use. Also I’m nervous as to whether Adblock creators will find a way to stop my script from working. So far my script is cross compatible, but I’m afraid of publishing it because someone will steal it and try to pass it off as their own (happened to me once before) -they sell it to others, and also because Adblock firefox developers would find out about it and they’d put an end to it quickly and then it’d be even more difficult to stop people from raping bandwidth and content.

  11. Niko Bellic Avatar
    Niko Bellic

    I was an idiot, I didn’t look at the code (big mistake when commenting on code). Your way will work BUT you have to have control over the code being served by the advertising site. So for most users like people using Adsense, you will not be able to use this method – since you need to pass out a variable. If people put pressure on Google this way would not only work, but work well – mostly for WebApps that require javascript – since otherwise you couldn’t prevent them from using your site (if it’s content only).

    Anyways, you need to block the javascript that he posts, and then it should work since disabled would = false if the script is blocked. But again it relies on having control of the code executed on the ad server. And if you had access to that, or if you were serving ads on your own server – you could just make the javascript embedded (which is currently unblockable). So if you have fopen access (php) you can parse the ad javascript code and have it written right into your page directly – since their’s no external script, adblock can’t be used to block these ads – thereby making it near impossible to block an ad – just be sure to use random names and directories for the banners being served (if you use images). Because someone could use the wildcard to block the images.

    Idea ads would be text-based, and inline embedded into page without external scripts – that would be impossible to block as far as I can tell.

  12. Niko Bellic Avatar
    Niko Bellic

    I was an idiot, I didn’t look at the code (big mistake when commenting on code). Your way will work BUT you have to have control over the code being served by the advertising site. So for most users like people using Adsense, you will not be able to use this method – since you need to pass out a variable. If people put pressure on Google this way would not only work, but work well – mostly for WebApps that require javascript – since otherwise you couldn’t prevent them from using your site (if it’s content only).

    Anyways, you need to block the javascript that he posts, and then it should work since disabled would = false if the script is blocked. But again it relies on having control of the code executed on the ad server. And if you had access to that, or if you were serving ads on your own server – you could just make the javascript embedded (which is currently unblockable). So if you have fopen access (php) you can parse the ad javascript code and have it written right into your page directly – since their’s no external script, adblock can’t be used to block these ads – thereby making it near impossible to block an ad – just be sure to use random names and directories for the banners being served (if you use images). Because someone could use the wildcard to block the images.

    Idea ads would be text-based, and inline embedded into page without external scripts – that would be impossible to block as far as I can tell.

  13. RyanN Avatar
    RyanN

    I apologize for not being more verbose in my post. I wrote it fairly hastily during my normal work day.

    You are correct, my detection script could not be used to force a website visitor to display a given ad. This is something that google/doubleclick, et al. need to work on. If fact it would be in their best interest to start implementing unblockable ads, I’m a little surprised that they haven’t.

    Your fopen idea is pretty good, though I’m not sure how well it work with some of the more targeted ads that depend on browser variables (local time of day, operating system, etc) or some of the multi-media ads that pop out of their frames (like ads from eyeblaster inc.).

    My detection method was not meant to force ads passed ABP. It was simply meant to be used to detect the presence of the software and do something based on that information – something like a nag message or redirect – something to encourage ad-blocking visitors to turn off their blockers.

    It is also important to note that this method is NOT affective against non-browser based ad blocking software, as those software generally block traffic at a much lower level – similar to a firewall.

  14. RyanN Avatar
    RyanN

    I apologize for not being more verbose in my post. I wrote it fairly hastily during my normal work day.

    You are correct, my detection script could not be used to force a website visitor to display a given ad. This is something that google/doubleclick, et al. need to work on. If fact it would be in their best interest to start implementing unblockable ads, I’m a little surprised that they haven’t.

    Your fopen idea is pretty good, though I’m not sure how well it work with some of the more targeted ads that depend on browser variables (local time of day, operating system, etc) or some of the multi-media ads that pop out of their frames (like ads from eyeblaster inc.).

    My detection method was not meant to force ads passed ABP. It was simply meant to be used to detect the presence of the software and do something based on that information – something like a nag message or redirect – something to encourage ad-blocking visitors to turn off their blockers.

    It is also important to note that this method is NOT affective against non-browser based ad blocking software, as those software generally block traffic at a much lower level – similar to a firewall.

  15. Niko Bellic Avatar
    Niko Bellic

    hey again,
    The FOpen will of course work with all the date and time variables, all you’re doing is when the page is executed (doing it server side), you download a copy of the google javascript that’s serving ads, you then take that code and place it between script tags, and it’s embedded right in the beginning (right above the heads tags preferably), then in the body of your page all variables are initialized as regular, and everything will work. It works 100%, but the only problem is that it requires parsing Google each time a visitors goes to your site. Google interestingly enough, allows webmasters to do this – but most don’t because they don’t know how to or they’re site has too much traffic to do this for each user. What you could do is detect if the user is blocking ads, and if they do redirect them to a new page that embeds the ads. But if you have a lot of firefox users, chances are very likely they’re doing this. So again it gets annoying.

  16. Niko Bellic Avatar
    Niko Bellic

    hey again,
    The FOpen will of course work with all the date and time variables, all you’re doing is when the page is executed (doing it server side), you download a copy of the google javascript that’s serving ads, you then take that code and place it between script tags, and it’s embedded right in the beginning (right above the heads tags preferably), then in the body of your page all variables are initialized as regular, and everything will work. It works 100%, but the only problem is that it requires parsing Google each time a visitors goes to your site. Google interestingly enough, allows webmasters to do this – but most don’t because they don’t know how to or they’re site has too much traffic to do this for each user. What you could do is detect if the user is blocking ads, and if they do redirect them to a new page that embeds the ads. But if you have a lot of firefox users, chances are very likely they’re doing this. So again it gets annoying.

  17. Stuart Wright Avatar
    Stuart Wright

    If anyone has a working adblock plus detector please email it to me as I’m desperate to put a nag for leeching visitors to my website. stuart at m2n dot co dot uk. Thanks.

  18. Stuart Wright Avatar
    Stuart Wright

    If anyone has a working adblock plus detector please email it to me as I’m desperate to put a nag for leeching visitors to my website. stuart at m2n dot co dot uk. Thanks.

  19. mark Avatar
    mark

    See this post for another way to detect AdBlock:

    http://hidden-technology.blogspot.com/2008/11/detect-images-blocked-by-ad-block.html

  20. mark Avatar
    mark

    See this post for another way to detect AdBlock:

    http://hidden-technology.blogspot.com/2008/11/detect-images-blocked-by-ad-block.html

Leave a Reply

Only people in my network can comment.