Ad-Block Wars: How do the countermeasures work?

As some of you may know, Forbes.com recently took the unusual step of completely disallowing access to their content to anyone running an ad-blocker (apparently people who visit Forbes without an adblocker will be served Malware). I have two questions. One, how does Dorbes know when an ad-blocker is running? And two, why does the following bit of “code” circumvent Forbes’ maneuver and make the site accessible again?

I was told to get a plugin called EditThis Cookie and then “important the following as a JSON”.

[ { “domain”: “.forbes.com”, “hostOnly”: false, “httpOnly”: false, “name”: “dailyWelcomeCookie”, “path”: “/”, “secure”: false, “session”: false, “storeId”: “0”, “value”: “true”, “id”: 3 }, { “domain”: “.forbes.com”, “hostOnly”: false, “httpOnly”: false, “name”: “welcomeAd”, “path”: “/”, “secure”: false, “session”: true, “storeId”: “0”, “value”: “true”, “id”: 9 } ]

What voodoo is this?

I don’t have an answer to your specific question but I just want to say that I believe you’re mistaken about Forbes blocking access. There were doing a trial between Dec 17 and Jan 3 offering an “ad lite” experience for those who turned off their ad blocking to see how many did. At the moment the site is accessible just fine with ad blockers enabled, at least for me – in fact I just got this snippet from one of their articles:
Since Dec. 17, 2015, a small percentage of those with ad blockers received this message:

Thanks for coming to Forbes. Please turn off your ad blocker in order to continue. To thank you for doing so, we’re happy to present you with an ad-light experience.

The remainder of visitors using ad blockers became the control group. They didn’t receive a message and continued to have full access to the site.

Forbes links are always visible if the referring address is google, which might impact your “this works for me” test. So if you really want to see a Forbes article for some reason, so you just google the url and click through.

That bit of JSON causes your cookie editor to set two cookies on your machine that will be sent to forbes.com, one called dailyWelcomeCookie and another called welcomeAd.

Forbes has some code that checks for the presence of these cookies which (under normal circumstances) would be set by your viewing the ad.

[ { “domain”: “.forbes.com”, “hostOnly”: false, “httpOnly”: false, “name”: “dailyWelcomeCookie”, “path”: “/”, “secure”: false, “session”: false, “storeId”: “0”, “value”: “true”, “id”: 3 }, { “domain”: “.forbes.com”, “hostOnly”: false, “httpOnly”: false, “name”: “welcomeAd”, “path”: “/”, “secure”: false, “session”: true, “storeId”: “0”, “value”: “true”, “id”: 9 } ]

What voodoo is this?
[/QUOTE]

I haven’t looked at their system in particular, but from what you describe, maybe they just look for a cookie that a successfully displayed ad would’ve set? “If cookie was set by the ad, assume that the person isn’t using an adblocker.”

So that plugin would’ve let you import a fake cookie to make it look like your ads were working.

JSON is just a format used to store data, as you see.

That may well be, which is interesting in itself, but in this case I went directly to the Forbes home page, and then clicked on the article I quoted that I happened to see on the home page.

The countermeasures work by putting stuff in the page that the adblocker is expected to remove, and then later checking to see if the stuff is still there.

FuckAdBlock is an example of this.

There are, of course, already countermeasures to the countermeasures, which work by getting installed first and saying that no blocking was detected.

FuckFuckAdBlock is an example of this.

Quiblle … adblocker is expected to block the REPLACEMENT OF ?
adblocker is expected to prevent the INSTALLATION of ?
I see the advertiser being asked to set a specific cookie on each URL, so as the main website can have some idea that the advertises URL was loaded…

The values in the cookie are subject to change, they could even be made formulatically so the values to pass “no adblocker” test could change within days or even hours…

I found that it was clicking to a forbes article from a google search that triggered the block. But clicking a link from elsewhere or directly entering the URL (which was not visible on the interrupt page) did not.

And I just checked. It’s still doing it. I searched for “forbes clinton” without quotes. The fifth link down is for an article “The Richest And Poorest Presidential Candidates”. The link from google has a bunch of gibberish that probably means something:
http%3A%2F%2Fwww.forbes.com%2Fsites%2Fafontevecchia%2F2015%2F09%2F29%2Fthe-richest-and-poorest-presidential-candidates-from-hillarys-millions-to-marco-rubios-debts%2F&usg=[buncha stuff I deleted]

Cleaning that up and just directing my browser to http://www.forbes.com/sites/afontevecchia/2015/09/29/the-richest-and-poorest-presidential-candidates-from-hillarys-millions-to-marco-rubios-debts/ worked just fine. And now clinking any google search result link works too without taking me to the interrupt page I was seeing just minutes ago. Probably witchcraft.

First, it’s spelled “quibble”.

Second, what you have are questions, not quibbles.

Third… what? Adblock works by removing parts of pages. What are you on about?

Adblockers only remove cookies inasmuch as they prevent ads served from ad servers separate from the main server from loading. If the ads don’t load, your browser never contacts the ad servers, so it never gets any cookies from that server.

This prevents tracking and malware, as websites typically contract out advertising to companies which serve ads for a whole bunch of different sites from the same computers. That way, the companies can track you, as cookies set from DomainA.com can only be read by computers that serve content for DomainA.com (Same-Origin Policy), and malware creators only have a few companies to give bad ads to in order to load malware on a large number of systems.

With me Adblock Plus always seems screwed by pop-unders anyway. You know, the type that dim out the rest of the page and beg you to subscribe.

If it’s just a one-off visit, View->Use Style->None (or the equivalent command in your browser for overriding the site’s CSS) will usually circumvent this. It may make the page look ugly, but usually all the text and images will still be there.

Good that you put that term in quotation marks. One developer ran some analyses on Forbes’s “ad lite” version and found that it was 4% real content and 96% ads. If this is true (and I have no reason to doubt it), I shudder to think what the normal “ad heavy” version of their page is like.

Forbes is still blocked on Firefox, but not in Google Chrome, despite using the same Adblock software and filters. Before I just now checked in Firefox, I’d actually thought they’d worked around it.

I read before that it is turned on on a trial basis, only to some IPs on certain browser configurations. I assume the idea is to compare results.

Seeing as they’ve had malware from their ads since starting this experiment, I’m not inclined to even try shutting off, even long enough to get the cookie.