[zwetan]

"Or you could have ad networks that only circulate carefully vetted/curated ads."

No, you make it simpler than that

you simply forbid ads to be interactive or to contain any code

eg. you do only static ads like text, image, video

no code, no way to hide nasty stuff

[hackerfactor]

Your proposed approach will stop direct risks to browsers, but does nothing for ads that link to web pages that are hostile. E.g., you click on an ad because you are interested in the product and get directed to a phishing site or a site offering counterfeit goods or a site that has malware and infects your browser.

It's not just the graphic used by the ad, it's also the ad's destination.

[manigandham]

We solve all this by having a platform that syndicates sponsored content directly to the user. They click but stay on a rendered page controlled by us. No 3rd party assets or destination to worry about.

[jarcane]

So disable linking.

The clickthrough rate on internet ads is execrable. Frequently in the fractions of a percent at best.

No other advertising space operates on the assumption that linking represents.

Eliminating linking and leaving pure visual ads would be in line with every other form of advertising in existence, and eliminate the "problem" of click fraud, link-bait, and actually fraudulent links.

Do we really need a business model that exists largely to enable ad networks to defraud each other and consumers? We have advertising standards bodies that are meant to prevent this kind of thing in every other form of advertising, but somehow the internet is "special"?

[marvy]

So you end up with ads that say: copy/paste this URL. What have you solved?

[jarcane]

I think realistically, the friction against such a method is strong. People can scarcely be arsed to bother with QR-codes anymore. It could still happen, but this sounds an awful lot like a "perfect is the enemy of the good" sort of argument. Is not some X% of the problem better than the 100% that we have now?