02:54 PM
Connect Directly

Aviator Browser Blocks Ads, Cookies By Default

Google Chrome, Microsoft Internet Explorer and Mozilla Firefox betray privacy for ad revenue, claims WhiteHat Security, maker of new privacy-first Aviator browser.

 Microsoft Surface: 10 Best And Worst Changes
Microsoft Surface: 10 Best And Worst Changes
(click image for larger view)
Characterizing mainstream Web browsers as insecure and damaging to privacy, WhiteHat Security has released a browser for OS X called Aviator that blocks ads and preserves privacy by default.

Based on Chromium, the open-source foundation of Google Chrome, Aviator treats advertising as a security vulnerability, privacy violation and general nuisance. Not only does it block ads and advertising tracking cookies via the Disconnect extension, it is preconfigured to use Duck Duck Go, a search engine that does not collect personal information, as its default search engine. Aviator operates in what Google Chrome calls "Incognito mode" all the time.

In a blog post, Robert Hansen, director of product management at WhiteHat Security, explains that browser vendors like Google, Mozilla and Microsoft have elected not go as far as Aviator has gone because doing so would reduce revenue from advertising.

Arguing that those who don't click on ads are not the sort of customers the online ad industry wants, Hansen contends that blocking ads by default can increase online satisfaction for millions, serve advertisers better by showing ads only to those who elect to see them, and protect people from privacy violations and the malware that travels on ad networks.

[ Will Google's enterprise efforts win you over? Read Google In The Enterprise Survey: Mind The Gaps. ]

"[N]ot a single browser vendor offers ad blocking, instead relying on optional third-party plugins, because this breaks their business model and how they make money," said Hansen in his post. "Current incentives between the user and browser vendor are misaligned. People simply aren't safe online when their browser vendor profits from ads."

In March 2011, Dasient, a security firm that sold protection against malicious ads and was acquired by Twitter the following year, estimated that the chance of encountering a malicious ad over three months of browsing was 95%.

In the Aviator FAQs, WhiteHat Security states that Google Chrome, Microsoft Internet Explorer and Mozilla Firefox are not as secure as Aviator because "implementing truly effective security and privacy would negatively impact their businesses."

Google and Microsoft did not respond to requests for comment. Mozilla declined to comment, but CTO Brendan Eich in June suggested his company's decision to delay implementation of third-party cookie blocking — criticized as succumbing to ad industry pressure — was the result of trying to find a way to deal with third-party cookies on a granular level that avoids the errors that arise when blocking is indiscriminate.

Ad blocking is on the rise, according to PageFair, a consultancy that caters to publishers concerned about ad blocking. A report published by the firm in August, based on a survey of 220 websites with the sort of technically sophisticated audience likely to employ ad-blocking software, found an average ad-blocking rate of 22.7%. PageFair says it expects that figure to grow by 50% over the next five years.

Ad blocking has become significant enough that Google this year began paying to have its search ads whitelisted through Adblock Plus' Acceptable Ads initiative. This initiative, which allows ad companies to prevent their ads from being filtered as long as they meet quality requirements (and pay a fee in the case of large companies), remains controversial and has been likened to a protection racket.

Hansen says that if enough people like Aviator, WhiteHat Security will build a Windows version.

Comment  | 
Print  | 
More Insights
Threaded  |  Newest First  |  Oldest First
Drew Conry-Murray
Drew Conry-Murray,
User Rank: Ninja
10/22/2013 | 11:12:13 PM
re: Aviator Browser Blocks Ads, Cookies By Default
I hope they bring it to Windows soon!
Register for Dark Reading Newsletters
White Papers
Current Issue
E-Commerce Security: What Every Enterprise Needs to Know
The mainstream use of EMV smartcards in the US has experts predicting an increase in online fraud. Organizations will need to look at new tools and processes for building better breach detection and response capabilities.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio