CIA, NSA Block Ads Network-Wide To Protect Agencies. Ron Wyden Says Rest Of Gov't Should Do The Same.

from the [glaring-pointedly]-they're-not-wrong dept

Not everyone uses an ad-blocker. But most people do. And no matter how much online publications claim ad blocking is the same thing as stealing, it really isn’t. If they’re bent out of shape about it, it’s because they assault users with ads, burying content behind a wall of uncurated virtual salesmen. If it bleeds, it leads, the old saying goes, but now it refers to readers’ processing power and data allotments.

Far too many online publications consider processing the check on the ad buy to be the end of their responsibility. But ad servers get hijacked. Other ad companies get purchased by ad pushers with more malleable morals. Everyone collects reams of data on every site visitor. The end user of sites seems to be the last concern for ad brokers and the people who sell to them, so it’s no surprise more people are deploying ad blockers, seeing as readers of even supposedly-reputable sites have been hit with malware, spyware, and auto-playing video when just trying to access some content.

Ads can be dangerous. They can compromise systems and hijack browsers. The general public definitely knows this. Enjoy this shade thrown at ad saturation and website design overcompensation:

The government knows this as well. And it should, although it really shouldn’t be a trailing indicator on abusive ad deployment. The spyingest agencies of the Intelligence Community don’t just suggest employees should use ad blockers. It mandates them. Here’s Joseph Cox for Motherboard:

Lots of people who use ad blockers say they do it to block malicious ads that can sometimes hack their devices or harvest sensitive information on them. It turns out, the NSA, CIA, and other agencies in the U.S. Intelligence Community (IC) are also blocking ads potentially for the same sorts of reasons.

The IC, which also includes the parts of the FBI, DEA, and DHS, and various DoD elements, has deployed ad-blocking technology on a wide scale, according to a copy of a letter sent by Congress and shared with Motherboard.

The letter [PDF], written by Senator Ron Wyden, suggests the rest of the federal government follow the NSA’s lead and implement “network-based ad-blocking technologies” at all federal agencies.

While the intelligence community has acted to protect its personnel and computers from malvertising based threats, many other federal agencies have not, and are unlikely to until they are required to do so. To that end, as OMB [Office of Management and Budget] finalizes its recently released draft Federal Zero Trust Strategy, detailing the specific actions that OMB is requiring federal agencies to take to secure their systems from hackers, I urge OMB to also require agencies to implement the CISA and NSA guidance to block ads.

“Zero trust.” That sounds like an accurate court of the trust most online advertisers have earned. It’s a cesspool out there and publications looking for the easiest way to convert readers to dollars have proven willing to splash around in it under the assumption they’ll always be able to blame the foul odors on their ad partners. But that assumes people will be willing to forgive continuous abuse as long as they can access “free” content. That’s a risky assumption.

And it doesn’t have to be this way. Techdirt has experimented with a blend of ads and direct connection with readers to pay the bills. As ad providers have become less trustworthy and old standbys (like Google’s AdSense) have become increasingly erratic with their policy enforcement, Techdirt has dropped ads completely. There are no Google ads on Techdirt and no analytics trackers logging reader info for data brokers who not only help serve up “targeted” ads but also sell data in bulk to government agencies. Techdirt runs clean and is almost entirely reader-supported. Very few sites are willing to give up money to ensure the safety and privacy of their readers and that’s why ad blocking has never been considered a threat to Techdirt’s business model.

Ad blocking is a must-have these days, even for the federal government. Too much abuse and too little oversight has turned a nicety into a necessity. And if online publications don’t like the current state of affairs, they really have no one but themselves to blame.

Filed Under: , , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “CIA, NSA Block Ads Network-Wide To Protect Agencies. Ron Wyden Says Rest Of Gov't Should Do The Same.”

Subscribe: RSS Leave a comment
This comment has been deemed insightful by the community.
Anonymous Coward says:

There was a point when ads were pretty reasonable. They’ve blown so far past reasonable I wouldn’t have a problem if someone just stole all of some of the predatory sites actual money as an act of protest. Pretty sure they get the money from pushing that trash on old people and the less technologically inclined who will not only never use an AdBlocker but will probably believe some of the ads that are designed to look like real news stories. Fuck em.

This comment has been deemed insightful by the community.
PaulT (profile) says:

Re: Re:

Yeah, most people don’t really mind a reasonably designed ad. The problem is that some people in the industry have come to the conclusion that an ad has to be as annoying and obtrusive as possible in order to work. From pop-up and pop-under windows, to autoplay video or other ads with sound, to ads that appear over the text you’re trying to read (usually with a carefully hidden close button) the industry seems to have decided that annoying the crap out of people sells. Maybe it does in terms of click-throughs, but I’m willing to bet that half of those come from people trying to shut the ad off but can’t find the right place to click.

The security and privacy implications that come with a lot of modern ads are really just the icing on the cake that drives final adoption of ad blockers, but the ad industry seems to have been begging people to block them for at least a decade.

sumgai (profile) says:

Re: Re: Re:l

… begging people to block them for at least a decade.

"At least a decade" is accurate insofar as it goes, but that’s because of simple arithmetic. Try about 28 years and counting. We’ll give it three months or so of peaceful browsing, since the date that Tim Berners-Lee first turned on the Internet. But that’s being generous of me, it could be an even shorter interval, I’m not sure anymore.

Anyone else here remember using Fido, Archie (and Veronica & Jughead, of course), Telnet, FTP, Gopher, Lycos, on and on….? Good times, good times.

Anonymous Coward says:

Re: Re: Re: Re:l

Anyone else here remember using Fido, Archie (and Veronica & Jughead, of course), Telnet, FTP, Gopher, Lycos, on and on….? Good times, good times.

Yeah, good times, but would you really want to go back to that? I used to mirror Asus’s FTP site to determine which motherboard to buy­ (convert the PDFs to text and grep for the necessary features), which is now much more difficult. Carmack’s finger feed was not user-hostile like his Twitter feed (there’s Nitter, but Twitter is always rate-limiting it, so one has to find a more obscure instance than; it’s not so easy to just run a cron job).

But despite a few good aspects of the old days, most information was just unavailable and/or unfindable. I’d search for information for school reports on Webcrawler or whatever the good engine of that year was, and usually end up at the library anyway—who’d have one or two books and have to do an interlibrary loan for the rest, which we could only hope would be useful (no full-text search). There was no Wikipedia, Sci-Hub, or Library Genesis. We’d have to actually buy textbooks (of course, tuition was much cheaper). Ad-skipping with a VCR was too much effort for most people, and couldn’t be done while it was still recording. We’d be sitting in a movie theater halfway through a film we’d paid for before realizing that it wasn’t going to get good. The news was always a day or two late, with no reader comments… though come to think of it, we weren’t any worse off from that.

PaulT (profile) says:

Re: Re: Re: Re:l

Meh, define "peaceful browsing". Basic banner ads have never concerned me, apart from the odd occasion where someone made a truly obnoxious flashing one, nor do clearly delineated text ads. Maybe I’m being kind by only saying a decade, but the ads that actively try to disrupt the browsing experience are the ones that are the problem.

"Good times, good times"

Those are nice rose coloured glasses you’re wearing, but I’ll note that if you want to give up the modern browsing experience entirely then those things do still exist.

Anonymous Coward says:

Re: Re: Re:

Yeah, most people don’t really mind a reasonably designed ad.

Look up "banner blindness". The reason people don’t mind non-annoying ads is because they literally don’t see them. There have been website developers wondering why people couldn’t find the information they wanted, when there was a big banner for it right at the top of the front page—tests showed that people ignored it because it was a roughly ad-sized graphic.

Likewise, people just don’t look near the ad areas of public transit vehicles; the people running such services know it’s not a good place to announce important service changes.

Do you actually read Techdirt’s "daily deals" posts?

Anonymous Coward says:

Re: Re: Re:

you really need a dedicated firewall.

That’s kind of the opposite of the mentioned "zero trust" strategy. It leaves computers vulnerable to attacks from inside the firewall, or inside alternate networks such as coffee shop wifi. With "zero trust", the computer should be able to protect itself, which means local ad-blocking (if any) among other things.

Although, in my experience, there just aren’t that many online ads anymore. I haven’t even run an adblocker lately, just a Javascript blocker (with no URL-based blacklist—so if it’s blocking ads, that’s only a side-effect of the admakers not caring about graceful degradation). Perhaps they’ve all moved to sites like Facebook that I don’t use. DuckDuckGo is the only place I regularly see them.

Anonymous Coward says:

Ads also use bandwidth memory and battery power many people are on mobile devices with with data caps why waste resources just to show ads that you will never respond to . I think the ads on Google are OK as they can be skipped after a few seconds. Many older people do not know ad lockers exist.
The federal government does not employ employees to buy random items why risk showing ads that may deliver malware or steal user data from government networks?

Ninja says:

Energy consumption

One of the things I would like to see scrutinized is how much resources that ultimately translate into energy consumption the online advertisement industry use. There are sites that slow browsers running in quite fast rigs to a crawl. Techdirt was one of those some years ago. ArsTechnica is a very big offender in this issue, the experience is unbearable without a good adblocker enabled.
That and the privacy aspect led me to simply ignore sites that prevent access if you have any adblocking enabled. To me they simply don’t exist. And I know I’m not alone here.

That Anonymous Coward (profile) says:

To be fair most of the government is running on Windows for Workgroups…

The problem is so bad they are thinking about government wide ad blocking… gee this seems like it is a bigger problem than some conservative got mad they got a time out for using the N word.
Imagine if they applied even 1/4 of the bluster against FB to the ad underworld…

But then they requires empathy for other humans & not just seeing them as cattle to be milked for their vote and then shuffled into the slaughterhouse.

Bobvious says:

Re: ads on YouTube are OK

as they can be skipped after a few seconds

I NEVER see them.

On Firefox, you can use AdBlockPlus or uBlock Origin.

Also try Privacy Badger, Decentraleyes, NoScript and DuckDuckGoEssentials.

Mozilla has a list of Recommended extensions for Firefox. You can reach it via the Addons option of settings, or go directly via

Anonymous Coward says:

Re: Re:

i’ve noticed in recent months, on my admittedly old rig, that something about browsers and site code can cause massive issues. even a Youtube embed can hang my whole system when using Firefox. for some reason, Soundcloud scripts here also caused a massive issue, but it was just one day or so.

stuff that was perfectly fine before is now a severe issue. unfortunately had to go back to a chromium (Iron) for anything with video.

ads certainly do not help but i generally don’t see them.

That One Guy (profile) says:

'You mean I don't HAVE to see flashing lights every two seconds?

As someone who remembers a time when an adblocker wasn’t the first browser extension downloaded on any new browser I feel safe in saying you wouldn’t need to mandate anything, simply say that the agency/department is running a test to see how adblockers impact performance and run them for a month and then just let the employees decide if they want to keep using them after that.

I can all but guarantee that after seeing what the internet is like without being barraged with obnoxious ads the overwhelming majority are going to keep using adblockers and at that point you can just roll them out department/agency-wide so the IT department knows what’s on all the machines and has an easier time of it.

PaulT (profile) says:

Re: 'You mean I don't HAVE to see flashing lights every two seco

There’s enough browsers out there now with built-in ad blockers (such as Opera, Brave, Vivaldi, etc) that you don’t even need to do that. Just change the default browser, and since most of them use Chromium on the backend most users will barely notice the difference (and you can often fool the ones that do by changing the shortcut icon so they think they’re still using Chrome).

ECA (profile) says:

tricks of the trade.

HTML 4 it wasnt easy to do some of this, the new HTML5 makes things abit easier to cause problems.
But even with blockers there are Holes in the system. Even now Avast is telling me I have a few things on my computer I dont want.

Year ago I asked Google and Firefox to add a feature and a Why not.

  1. I wanted every script to have a note on it about where it came from. Shouldnt be to much of a problem, as you USED to be able to add notes to Anything. That way I could look back to see WHERE the crap came from.
  2. was Why dont we open each of the Languages used on the net, 6+, in there own Locked windows ? Well thats a interesting thought, but they use the languages back and forth to do things the other languages DONT. They jump back and forth all the time.

Why not pop the movie out of the browser and Play it in restricted/protected window, that gets erased as son as you close it? That not all they want to do. Playing the video, you have given them Access to do things on your computer.

The biggest thing to express to people, is that the Internet is ALLOT of text. And it dont RUN on the net, Its put on your computer AND then it runs.

MS had a program thats on every computer. It had a test prog inside of it, That was never removed. NO AV or Adblock or any program EVER found it. Until someone ran the data thru another computer to look at the thru-put. to see what was being sent out from Your computer.
The Media player had a bot inside that would send Data back to MS, about every music and video you played. Think this was removed in 2008. But you would think, that since it wasnt removed that MS would have seen the incoming data from Billions of people. NOPE. NOT until someone told them it was there, and the idea that Everyone would Switch to another prog to play their Media.

Anonymous Coward says:

Internet Security Tip: DON'T CLICK ON LINKS!

Has anyone noticed the stunt CNN pulls if you take (hopefully someone else’s) browser onto their site bareback? They have a whole series of links at the bottom of the page, that look like they go to "special interest stories" on other news sites. But if you right-click on the link to "Copy Link", it gets replaced by an link full of spy data and no news link. Short of writing down the link with a pencil and paper, or deeply and perhaps illegally hacking into the source code for the web page on your browser, there’s no way you’re even going to make a note of where the link was really supposed to go. And Outbrain was famously used by the Syrian Electronic Army to hack readers of news sites, so this is no minor issue.

Thanks to the magic of the Javascript-infested corporate rewrite of the so-called "web", literally any link could be taking you to the most insecure site on the planet. So there is really no way to deal with that other than by trying to block any links you don’t need … and who really believes that will work anyway?

Bobvious says:

Re: illegally hacking into the source code

for the web page on your browser,

HACKING??????? You mean View Source? On the information that’s already been downloaded to my browser?

So there is really no way to deal with that other than by trying to block any links you don’t need … and who really believes that will work anyway?

Noscript, anyone?

If you want to ride the internet bareback on Edge, be my guest.

Anonymous Coward says:

Re: Re: illegally hacking into the source code

yep. noscript is always my first browser extension, then an ad blocker.

also you can do any crazy fancy thing you want to page code once it is cached on your system. developer mode? whatever passes for greasemonkey-ish stuff these days? stuff that darkens or rearranges site pages?

yeah, that’s not hacking a site, as Bobvious noted.

GHB (profile) says:

Ads are more of an annoyance if it is on a non-browser software

If it is an ad on a webpage that it is sandboxed within a browser in which that is acting as a user-agent (such as firefox, edge, or google chrome), at least the user have some control.

but when it comes to other software (often proprietary and not acting as a user’s agent, unlike browsers) to run advertisement, the shady developers is the one that can force shady or outright intrusive behavior against the user.

Take for example, Microsoft’s solitaire, for windows 10. While not malicious on its own, but it has ACCESS TO THE VOLUME DRIVERS, in an attempt to play them at full blast, and evading the user’s ability to mute or lower the volume via separate volume drivers. Like what the actual fuck. Go look for open source alternatives, folks. Microsoft really betrayed its users on that one. How dare you microsoft for purposely allowing this.

Another example are ads within mobile games. Dark patterns glore, from fake hairs to even some video ads redirecting the user to the app/play store automatically without even touching the device

In these situations, instead of blocking ads within the software (which is possible on browsers, but may require hacking the software to disable ads), how about blocking them at the network level? Enter pi-hole

GHB (profile) says:

Some ads autoredirect, others opens tabs when clicking anywhere.

Some ads may auto-redirect when visiting the page or a few seconds after the page is loaded, however others may perform unexpected action when clicking anywhere on the page (even if you click on non-ad content such as links to another page within the website).

This situation often opens the intended target page URL in a new tab with the current tab going to the ad page. Effectively this is the tab version of pop-unders.

This BS happens a lot on file hosting sites like mediafire, some adult art sites like rule34, and some other sketchy sites.

One dirty trick to avoid this is by visiting the site, turn on airplane mode, click the link, close the suspicious tabs it opened (cannot load content because no internet connection), go to the tab of the target link, turn off airplane mode and refresh.

catsmoke (profile) says:

advertising is immoral and ought to be illegal

All advertising is odious, and always has been—as Charles Baudelaire described in the mid-19th-century: "The immense nausea of advertisements." (Intimate Journals, XLIV)

The poet was correct. To see or hear ads is to instantly feel queasy. Advertising is the pollution of the public sphere by those who love money.

All advertising ought to be banned and forbidden. Never allowed under any circumstances.

Even if such laws would be difficult to define and enforce, let us end this pox upon mankind.

PaulT (profile) says:

Re: Just one thing…

This is true, but it’s down to the site to provide reasons and options to do so. I pay for a few sites where I know I will get valuable content, and which allow me to view or use the site without ads. I know some sites I click on to see something I was linked to from elsewhere, and I click the back button as soon as I get a nag screen telling me to allow obstructive, potentially hazardous ads before I can even see what the content was and if it’s worth paying for.

Running a website isn’t free, but there’s ways to monetise that don’t depend on risking the security of their users or bombarding them with ads that stop them from accessing the content. Balance is the key, as well as the knowledge that even in the physical world not every person who uses a particular source will directly pay for it, but making a service annoying or risky to use is not the way to get that profitability.

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...