It garbles advertisers’ data as a result, but you must disable uBlock Origin to run it; they can’t work simultaneously. I recently moved to it and, so far, am never looking back!
You know this is the good shit because when it first came out a few years back google was running a huge disinformation campaign against it. You’d search for “adnauseum” in google and the first result would be an article from some weird advertising company calling is “insecure” and “malware” without any actual argumentation behind those claims, while no other search engine returned that article (I lost the screenshots, so yall are just gonna have to take my word for it). They also delisted it from the chrome store for not discernible reason. They were afraid.
But nowadays I’m willing to bet that they figured out how to detect adnauseum’s fake clicks and filtering it out. Stuff like that needs a talented development team to keep it up to date.
Has the same limitations as uBlock Origin with Manifest v3 and won’t work in Chrome.
If you’re still using chrome at this point that’s on you.
I use Librewolf. The comment was meant as info for those who think that having uBlock as a base still holds significance in light of Manifest v3.
I meant the general “you.” “People” would have worked.
Or a Chrome derivative
I was actually curious about this as we’re forced to use Edge or.Chrome at work.
The solution is simple. Chrome ditches manifest v2? Ditch Chrome.
I always liked using this on the premise of privacy-through-obfuscation. If the powers that be must get information from me, then i’d prefer to give them garbage information.
And lots of it.
Google has put a lot of effort into detecting and blocking stuff like this. They call it “click fraud”, if you want to look it up.
It’ll just mean they start ignoring clicks from you.
That, I guess, it’s the whole point. Stopping being tracked 🙂
This feels like reverse psychology on a little kid.
“That’s it, I’m not tracking you anymore! >:(”
“Oooh nooo, what have I done! Oh how much I would wish to be tracked :(”
“No, you won’t convince me to change my mind >:(”
“Oh well, guess I’ll have to live without being tracked, what a shame that is.”
if enough people start doing it might be effective
Not sure how true it was, but there was a YouTuber claiming that their videos were getting entirely demonetized because too many of their viewers had Ad blockers enabled. So even though 75% of people were seeing ads on the video, Google was keeping that ad revenue, withholding it all from the creator because 25% weren’t getting ads. The claim the youtuber made is that this will probably predominantly impact creators with a more tech savvy / privacy aware audience, resulting in less of that niche content.
Anyway, this is anecdotal, but I wouldn’t put it past Google to pass the issue to the creators for the actions of their consumers, even though it’s not their fault.
google has way too much power. its threat to everything
Throw in a dash of track-me-not (https://www.trackmenot.io/) and maybe they’ll start ignoring your search queries too! Worst case my actual searches are so buried in the bs deciding what to market would be easier from my screen-name.
Fascinating, thanks for sharing! What is the best, current Firefox fork of this one, if you know?
it’s a browser extension for Firefox, not a fork of Firefox. Or did I misunderstand you?
I was reacting to its GitHub:
This project is NOT currently being maintained. Code is made available for developers to fork. This is the FireFox version of the project, for Chrome see https://github.com/vtoubiana/TrackMeNot-Chrome.
So I’m wondering which active fork is best to go off of for Firefox. I could’ve been clearer; my bad.
can confirm. You know those ‘google rewards’ things? they slowly stopped going for the results from trackmenot lol
it was nice to get $1 a month off my VPN subscription lol
This would still make a connection to the ad servers that can then track me though.
I guess with a hardened browser and a VPN it would be alright.
At this point I think it’s better to poison the well.
Good start. Now make a version that clicks each ad a random number of times from randomly generated IP addresses.
That’s not how IP addresses work.
What if we use a Visual Basic UI to hack the IP address by netmask?
Yes, but this only works if you connect your VPN via 3 block chain proxies.
Is it from this? https://youtu.be/hkDD03yeLnU
maybe we can setup a botnet to poison advertiser data.
click all the ads, all over the planet!
Feed it SQL injections?
Have it form connections to all the other browsers using the extension and they all send a click.
deleted by creator
“He who save his country does not violate the law” 😏
Naw, it’s an MMORPG.
Is the botnet itself breaking the law or is breaking the law with a botnet breaking the law?
deleted by creator
Okay okay, how about a counter that is updated with each user clicking on an ad, and the client can decide what they want to do with that information, totally not a botnet right?
peer networks are not illegal if the peers are consenting members.
It just changes the user agent instead…
You can fake your IP. There isnt really any authentication at the IP level. Just make a packet and overwite the IP field.
Edit: I was corrected. The TCP handshake requires you to have a valid IP you can respond from. So even though you can fake your IP, you can’t use that to talk to most websites.
You need a TCP handshake prior to sending any http payload.
Oh yeah. Forgot about that.
Nothing is random
In bot cases like this you would have a proxy list that it “randomly” picks from
It does if it reports the URL to click home somewhere and users can opt in to pull the list to auto click.
It would DDoS the ad servers. Muwhahahaa
Totally doable if this was a distributed service.
ok not randomly generated, but you know
Ad Networks use browser fingerprinting to detect duplicate clicks, which is tied to your hardware, system locale, installed fonts etc.
Sounds like a solvable problem
Some ads have used browser exploits to infect visitors in the past. So this is a very, very bad idea, if it actually is implemented in a way that is hard to filter for ad networks.
So the way I understand this to work, it’s 100% safe from the type of attack you’re describing.
You are clicking the link (asking the advertiser for the data) but then never actually fetching it.
So you can never get the malicious payload to be infected.
Im too scared to trust it works out fine in the end to use it, been raised on the idea that interacting with an ad in any way other than task managering the pop up is dangerous. Wheres the part of the code that makes it safe and a write up of how it functions, otherwise im fine just blocking ads with regular ublock.
the part that’s safe is in the browser. it’s a basic fact of how http requests work that you can just request data and then not read it.
also, “task managering the popups”? unless i’ve missed some very weird development that has literally never worked, because popup windows are part of the parent process.
Back on Windows 95 through XP, each individual window was a process that could be killed in Task Manager, and popups opened in a new window.
really? sounds like a weird span of systems considering they share so little code. i’d like to read on how they did that.
It’s wholly incorrect.
I was fairly young, but I do remember using Windows 95 or 98 with Netscape and there were popups that had to be killed through the task manager (or equivalent, it was 30 years ago, so I don’t remember precisely).
Here you go, from the repo:
const visitAd = function (ad) { function timeoutError(xhr) { return onVisitError.call(xhr, { type: 'timeout' }); } const url = ad && ad.targetUrl, now = markActivity(); // tell menu/vault we have a new attempt broadcast({ what: 'adAttempt', ad: ad }); if (xhr) { if (xhr.delegate.attemptedTs) { const elapsed = (now - xhr.delegate.attemptedTs); // TODO: why does this happen... a redirect? warn('[TRYING] Attempt to reuse xhr from ' + elapsed + " ms ago"); if (elapsed > visitTimeout) timeoutError(); } else { warn('[TRYING] Attempt to reuse xhr with no attemptedTs!!', xhr); } } ad.attempts++; ad.attemptedTs = now; if (!validateTarget(ad)) return deleteAd(ad); return sendXhr(ad); // return openAdInNewTab(ad); // return popUnderAd(ad) }; const sendXhr = function (ad) { // if we've parsed an obfuscated target, use it const target = ad.parsedTargetUrl || ad.targetUrl; log('[TRYING] ' + adinfo(ad), ad.targetUrl); xhr = new XMLHttpRequest(); try { xhr.open('get', target, true); xhr.withCredentials = true; xhr.delegate = ad; xhr.timeout = visitTimeout; xhr.onload = onVisitResponse; xhr.onerror = onVisitError; xhr.ontimeout = onVisitError; xhr.responseType = ''; // 'document'?; xhr.send(); } catch (e) { onVisitError.call(xhr, e); } } const onVisitResponse = function () { this.onload = this.onerror = this.ontimeout = null; markActivity(); const ad = this.delegate; if (!ad) { return err('Request received without Ad: ' + this.responseURL); } if (!ad.id) { return warn("Visit response from deleted ad! ", ad); } ad.attemptedTs = 0; // reset as visit no longer in progress const status = this.status || 200, html = this.responseText; if (failAllVisits || status < 200 || status >= 300) { return onVisitError.call(this, { status: status, responseText: html }); } try { if (!isFacebookExternal(this, ad)) { updateAdOnSuccess(this, ad, parseTitle(this)); } } catch (e) { warn(e.message); } xhr = null; // end the visit };That’s pretty much it! Let me know if it doesn’t make sense, I can annotate it
Interesting, was wondering about this. This would also “help” the websites with more ad income right?
if thats true, brb setting up a website and a bot farm
Haha I imagine they need at least unique ip addresses to count. Now I wonder if for clicks to count you need to properly click through and load the target website with the same “browser fingerprint”.
Careful: that then enters the world of ad fraud, which randos like us doing the clicking isn’t considered as.
Potentially.
This would just give money to the advertisers.
I’ve used this for a while. Also, I love filling out corpo surveys because I feed them bad data. It’s the little acts of chaos.
Another great extension:
https://addons.mozilla.org/en-US/firefox/addon/fake-data-haterapps/
If they want real information, they can pay me, and even then, well… :) Don’t work for free.
Ha, this is as hilarious as it is creative. Interesting find; got any more?
Depends on the situation really, it makes me feel the joy of a naughty child. Roll with it. Where you can feed people bad data, do it. Where you cannot, strip it and block it. Obtusify and randomise how your computer connects to the internet (browser spoofs, VPNs, SPN, etc.), use containers (Firefox), support others breaking rules (https://snowflake.torproject.org/), contain your applications (https://safing.io/), spoof things like location etc. This is my little everyday act of anarchism. If people want to fight back against this bullshit, they should learn to stop complying with the folks putting everyone and everything in boxes. People are so used to mindlessly complying. It’s my nerdy kind of fun. Make your phone & computer a poisoned apple when you have time.
Dang, I had no idea of Portmaster! I wish I talked to you years ago and will check these out, thanks, and I fully agree with your stance as well.
Why can’t uBlock Origin and this thing work at the same time?
because it’s a modified uBlock Origin, so it’s like running two ad blocking plugins at once, which isn’t recommended. and if uBO blocks an ad first, AdNauseam won’t be able to detect it and click on it.
anyway, I remember reading a long time ago how that approach isn’t going to harm ad companies anyway, because [technical reasons that I don’t remember at all].
I use it because otherwise I’d use ublock anyways. So it either does it thing and if not, it’s the same result as ublock.
It’s a bit redundant to run both at the same time, considering they both practically do the same thing and one is built off of the other.
Just curious- if ads are for something illegal, couldn’t this expose me to liability for theoretically “clicking” it from my IP/device? And if ads are for something unsavory ( like a “chat with local cougars” site or something similar), wouldn’t they start to deliver me more such ads, thinking, wow this IP is the only one clicking every sex chat ad, send them more!
How many websites do you browse with links to truly illegal content?
If you live in a country with truly abysmal human rights, definitely don’t bother with this plugin, but in most cases you should be fine on the illegal side.
Even if somehow the website you’re browsing has some super sketchy ad to
buyillegaldrugshere.comor whatever, to get in trouble with the law in most civilized places you’d have to actually buy the illegal drugs, not just ping the illegal drugs IP. Especially since you can pretty easily prove to a judge that your system fetches ad links automatically and without further engagement.Not saying it can’t happen, just that it’s really unlikely you would be served an ad for something so illegal just clicking on it is a liability. The literally only case I can think of coming close is CSAM, but even then, if you’re regularly browsing websites that advertise CSAM, maybe find other websites to occupy your time? And I can just about guarantee any website serving CSAM ads is already doing illegal shit, so you should probably be more worried about that than an ad-click…
I’m not sure how many ads on different sites are sketchy. I don’t feel like finding out, that’s why I block it. There have been plenty of reasons that all sorts of illegal stuff gets inserted on well-meaning sites, so it seems like it’s inviting all sorts of trouble to automatically click stuff without consideration.
I don’t know, just sounds like I’d be contributing to the marketers metrics so they can show “it works”. it’ll only make them invest in ads more. if anyone thinks capitalists are these genius level manipulators who know how everything works I only refer to the richest person alive being the least charismatic, least knowledgable, unfuckable troglodyte who keeps making an ass of himself.
if any of these companies suffer any losses or reduced profits they’ll just fire hardworking people, not one of them will turn around and say maybe the ads aren’t working when you actively work to show them that it is working.
… until they keep having to dismiss people and go, “… huh.” This is a marathon we’re playing. You certainly don’t have to use it, but I think the philosophy makes sense, especially given how AdNauseam doesn’t click on acceptable ads that don’t track you.
they will never go “huh”. you give way too much credit to corporate management.
