I spent a long time browsing without an ad blocker. I only started using one a couple years ago after getting hit by a 0-day exploit in an advertisement on a major website.
Now I whitelist the sites that I know don't host third-party script/media content (basically, text/image-only). There aren't many of them, unfortunately.
At present my two choices are: Send ad revenue to websites I like and get my machine owned by exploits, OR, browse without worrying about those exploits AND without the annoyance of advertisements. The latter is a vastly superior choice, even if there is some moral argument to be made about how I'm depriving those websites of revenue.
If someone has a sound technical solution for this problem, I'd love to be able to uninstall adblock plus. It tends to erroneously hide non-ad content sometimes.
Ad networks are very valuable targets for hackers as they tend to exist by being able to execute arbitrary javascript on thousands of sites. Hacking one gives you the perfect platform to launch XSS and CSRF attacks, and to exploit browser vulnerabilities across large numbers of users quickly.
>If someone has a sound technical solution for this problem
http://en.wikipedia.org/wiki/Linux works pretty well. I'm not trying to be pedantic, of course - Linux is immune to Windows exploits, of course, and cross platform exploits, such as for Flash, generally don't work unless specifically targeted against Linux, which in practice doesn't happen on a scattershot distribution method like an ad network.
The exploited ads issue is a difficult one to solve, but it is not as bad as it used to be. As a website owner, there are certain "remnant" networks that I know to avoid - even though they are now owned by significant brands.
Even the premium ad networks who directly represent websites are occasionally tricked by new clients who sign up as one entity, but their ads contain a payload which only selectively reveals itself once it's out in the wild.
I've always surfed without an ad-blocker and have never had any sort of infection. I'm not doubting your anecdote, I'm just doubting how commonplace it is. To me it seems as rare as an airplane crash.
I know someone who got off a plane at the last stop before the flight where it crashed and killed most of those on-board. They still fly just as often. There's no such thing as a zero-risk life.
Now I whitelist the sites that I know don't host third-party script/media content (basically, text/image-only). There aren't many of them, unfortunately.
At present my two choices are: Send ad revenue to websites I like and get my machine owned by exploits, OR, browse without worrying about those exploits AND without the annoyance of advertisements. The latter is a vastly superior choice, even if there is some moral argument to be made about how I'm depriving those websites of revenue.
If someone has a sound technical solution for this problem, I'd love to be able to uninstall adblock plus. It tends to erroneously hide non-ad content sometimes.