[bsysop]

Do you think ad companies will really trust reverse-proxied ad traffic? Seems like a tremendous opportunity for fraud. Right now with user agents hitting ad servers directly, there's much less opportunity for content publishers to fake impressions and clicks.

[ignoramous]

Instead of websites deploying reverse-proxies to tunnel ads through, Google has entire websites tunnel through their edge via AMP. Wouldn't surprise me if BigTech gets together and introduces standards that open up more avenues for CDNs to take away even more control and monetize the traffic they serve, on their terms.

Google has pretty much checkmated content-blockers in that they control the servers, the OS, and the clients used by an overwhelming majority internet users and service providers, alike.

[earthboundkid]

TBF, Google is probably going to be broken up in the next five years and AMP will be exhibit A at the trial.

[peteretep]

I guess we get to the point where the content blockers load the scripts, and run heuristics on them before loading them, and perhaps running an adaptive real-time blacklist?

[takeda]

I hate AMP but maybe it is ad blockers, but I believe I can count on my fingers how many times I visited an AMP page.

[dylz]

They already do - Instart Logic is one of the reverse proxies dedicated to serving ads first-party.

For tracking and invasive device tracking (WebGL, plugin enumeration, Canvas, audiocontext, WebRTC, WebSocket-based portscanning of your LAN CIDR acquired from WebRTC, ...) there's Shape and Distil that both do inline reverse proxying.

[Orphis]

Though, WebRTC tracking is becoming severely limited with the current mDNS initiative that hides all the local IP addresses and other measures to hide available devices.

[aledalgrande]

Is this form of aggressive identification without consent not going against the GDPR?

[privateSFacct]

When I browse European sites I'm always having to click through permissions - I imagine most folks are on autopilot by now in terms of saying "yes" especially in Europe - how can you even browse the web if you don't click yes one everything in Europe?

What's the data on folks actually saying no to these popups / clickthrough alerts?

I used to skim the relatively few permission / yes agreements (ie, this will auto sign you up for XX), but now they are showing up so many places it's not practical anymore I don't think?

Even https://europa.eu/ (the official EU website) has a cookie banner at the top of the very first page you hit. And instead of the website asking me - I normally just block cookies if I don't want to share them.

[Semaphor]

The Europe site is compliant. They allow you to refuse nonessential cookies. Most sites are not. I'm pretty sure eventually those cases will be handled.

[aledalgrande]

I might be wrong, but GDPR was supposed to force businesses to provide a DNT option unless completely vital to the business. If that is true, most sites are liable for forcing you to click "yes".

Update: I went and found this[1]:

> this provision means that companies will process only the data absolutely necessary for the completion of its business and limit access to personal data to only those employees needing the information to complete the process consented to by the data subject

[1] https://www.techrepublic.com/article/the-eu-general-data-pro...

[privateSFacct]

If your business model involves keeping statistics on users use of your site is that necessary for the business?

[aledalgrande]

"involves" doesn't mean "would be dead without"

[zelly]

When user agent clicks the ad, that's how the ad companies know it's real.

[ignoramous]

Not that easy, see: https://news.ycombinator.com/item?id=8569409