Randy Westergren writes:
Any time we allow 3rd party scripts to run on our sites, we effectively relinquish control of the code that executes on the client. This is particularly important when integrating ad network scripts since they are inherently more dynamic than most other types of integrations, the cause of which is the ad industry’s general fragmented nature.
Randy details the vulnerability and lists high profile vulnerable sites including The Telegraph, NYPost, CBS News, NBC News, NYTimes, MSN, Washington Post and the BBC.
It’s always surprised me that publishers are so willing for third-party scripts to be served to their customers over the RTB exchanges without any real quality control tools.
Even guaranteed advertising presents quality control challenges for publishers who are limited to sampling the responses of agency ad tags, rather than being able to examine the underlying creative or tracking scripts directly or be notified of changes being made by the buyer.
Given vast coverage of advertising across the web and their vulnerability to XSS attacks, it is surprising so few have attacks have been documented.
Yet another reason to run an ad blocker, despite the financial hurt they cause to publishers.
Scott Galloway, Professor of Marketing and Brand Strategy at NYU Stern and Founder of L2 said at DLD:
The advertising industrial complex is about to come to an end and the downstream service providers–the conglomerates–are about to take their turn at the woodshed.
The house that advertising built was consumer packaged goods. They taught us that detergents and soaps could be wrapped in emotion. You were a better mum, you were more American, you were a more elegant European if you used a certain type of hand soap. This is the house that advertising built.
Last year the house that advertising built, almost 90% of all CPG brands lost share, and two-thirds lost revenue. Why? Because advertising sucks! And if you’re wealthy you can opt-out of advertising. We are now downloading Modern Family and paying two-bucks [$2] for it on iTunes solely so we can avoid the advertising. Advertising is becoming a tax only poor people pay.
Scott follows the money and describes my individual experience precisely.
I pay for content on iTunes and Netflix, and subscribe to the few publications I read regularly to avoid advertising.
Most advertising is irrelevant and low quality and I’d rather not give up yet more of my privacy in the hope of seeing more relevant advertising.
Those with the means are going to opt-out by paying for content or install an ad blocker to bypass advertising all together.
Todd Garland of Buy Sell Ads writes for MediaPost:
When did it become acceptable for advertisers to allocate a perceived value to a publisher’s inventory? If we’re looking for examples to help us define the concept of onerous terms, look no further than the ecosystem built, and continually propped up by, RTB advocates.
I’d like to say that it’s insane.
Imagine walking into a car dealership and then simply telling the salesperson what you will be purchasing a car for. Do you think a dealership would let you walk out with the keys? That’s exactly how RTB exchanges work today.
Only a few days prior, Todd wrote on LinkedIn:
The IAB and the house it built is a mess, and it’s dangerously close to catching fire and burning to the ground. The IAB still continues to ignore the simple fact that people have voted with their Chrome, Firefox, and Safari plugins. The market reality we’re all facing is something the ad tech industry has created and end-users don’t give two “merdes” about what that means for publishers.
Todd doesn’t pull any punches and says publicly what many have been thinking.
More frequent critical appraisals like these would benefit the advertising industry.
Mike McCue writes on Medium:
If you seek out and uphold the first principles you will not only make a good decision, you’ll do it in way which strengthens your team rather than splintering it.
Mike writes about using first principles when making tough decisions and provides a practical example from his own experiences.
After all, integrity is all about upholding principles… And principles only matter when they’re hard to keep.
Good advice, but hard to follow when it counts.
It has been interesting reading the stream of articles since the FBI requested Apple to assist recover data from the iPhone seized from attack in San Bernardino.
No doubt a serious legal precedent will be set, but as many have pointed out the physical existence of a modified operating system allowing faster brute force access to an iPhone is far from ideal.
One of the aspects I appreciate most of my iPhone is it’s security, simply because I rely on my mobile in day to day life including banking and paying bills.
But it’s not just financial information that is valuable.
Having confidence other types of personal information is secure is important, particularly as social engineering based attacks become increasingly common.
As technology connects us, allowing to share increasingly personal and confidential information on our mobile devices, security needs to keep up.
Government mandated backdoors or weakened encryption prevent any such lock-step.
I am very lucky to work in a great product and engineering team at Adslot, which embraces continuous improvement and encourages experimentation to create a better working environment and build better products for our customers. Over the last four years at Adslot we’ve tweaked, polished and overhauled many aspects of development, QA, product and UX processes and tooling. Besides what we’ve learned from the individual experiments, more recently I’ve been increasingly appreciating the value of formalising the processes and ideas that stick. This seems painfully obvious in hindsight.
I think formalisms are helpful because they assist processes and ideas be communicated more effectively by providing a common language for the underlying ideas and motivations. This also makes it easier to critique, improve and apply to new contexts.
This realisation particularly struck me over the last few months when we became aware that we’d independently arrived at an engineering culture and product processes similar to some great companies we respect. It was satisfying to realise we were on ground already tread by other great companies, but my real excitement has come from how we’ve been able to improve how we communicate our processes and culture across the business. This is particularly useful at Adslot where we are trying to build a common culture and shared processes across many teams distributed around the world.