Saturday, February 26, 2011

Using the Hosts File to Block Advertising

A small chunk of my linkedin page is to the right. My machine doesn't look up the IP address for doubleclick, and so I never see their content. A drawback is that it also thwarts any attempt I make to click on a targeted advertising link from Google within Gmail. That's okay.

Here's my /etc/hosts file:       localhost       asusCG

# The following lines are desirable for IPv6 capable hosts
::1     localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

You can edit your /etc/hosts, but I'd suggest leaving the stuff at the top of the file (above the doubleclick entries) and the bottom (below alone.

The way this works is as a shortcut to name resolution, e.g., I can place an IP address and a domain name on a line in this file and rather than going out to the DNS to look up the name, it uses the IP address in the first column of the line. So, any lookup to
resolves to the IP loop-back address, which is my machine. I don't have a web server at that port, so the connection attempt fails.

This is a very common technique, and one can google to find other people's hosts files with lists of sites they block.

For simplicity of adding entries, I place my hosts file in a subdirectory writable by my account, and then place a soft link from /etc/hosts there.

For Windows people, the file is (as of a few years ago) hosts.txt, and I think it was buried somewhere in the system32 subdirectory. Of course, Windows doesn't support links, soft links, or anything like that. Windows does support shortcuts, but these aren't within the file system, and so are much less generally useful.

Some question the ethics of freeloading on advertiser-supplied content by blocking the ads. I have three responses:
(1) Advertising often contains scripting which threatens the safety and stability of my system. If they stop using insecure scripting languages, I might revisit this issue.
(2) Advertising sometimes starts unwelcome sound or video content, including animated gifs. This is intrusive and disruptive. Advertising scripts also often eat up many CPU cycles. If advertisers start treating users with more respect, I might revisit this issue.
(3) The above two points greatly reduce the value of the content presented along with the advertising, to the point that I would be less likely to visit any particular page. They cannot argue in the general case that they are losing revenue due to my blocking advertisements, because in many cases I simply would not visit the page.

I endorse a multilayered approach against intrusive advertisement: Adblock Plus, NoScript, and the hosts file. IMHO if a machine has private data on it, e.g., student grades, then the owner has a responsibility to block scripts from questionable source, e.g., advertisers. With personal information, e.g., financial information, it is foolish to not block these things.

No comments: