[Techtalk] Ad servers that aren't malware bait?

James Sutherland james at deadnode.org
Thu Jan 24 10:46:23 UTC 2013


Unfortunately, iSocket's approach is fairly typical; Google's own Analytics product uses very similar code to inject its own Javascript (formerly known as Urchin) into every page you use it on; Google's own AdSense code has a simple <script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script> - a little 'cleaner-looking' than iSocket's block, but ultimately doing exactly the same thing: pulling their Javascript into your page, real-time, without you having any control over it.

Is it unduly cynical to note that iSocket compete directly with Google, the company which has twice "accidentally" disabled that rival product? Maybe it really is entirely accidental - after all, Google did manage to blacklist *themselves* at one point - but doing it twice does seem a bit suspicious to me. Communicating with Google is certainly quite painful, with almost every barrier imaginable in place to stop you getting to an actual person who can help rather than just a form or a statement. (The university I worked for were evaluating Google Apps and Microsoft's equivalent; Microsoft ended up getting the contract, since Google wouldn't even answer questions!)

One thing you may be able to get away with is proxying iSocket's Javascript code on your own systems; that way, at the very least Google's URL-based blacklist won't hit you when the next time it tries to block isocket.com as "malware". No guarantees this will work, but with this being a recurring and serious problem it's worth trying - and hopefully, the iSocket people would be willing to cooperate.


James.



More information about the Techtalk mailing list