• Home

  • Software

  • Policing ads and 3rd party content at scale on media sites
26
Engineeri ng By Billy Hoffman, Director of Product Policing ads and 3rd party content at scale on media sites [email protected] @zoompf

Policing ads and 3rd party content at scale on media sites

  • Upload
    rigor

  • View
    307

  • Download
    0

Embed Size (px)

Citation preview

Page 1: Policing ads and 3rd party content at scale on media sites

Engineering

By Billy Hoffman, Director of Product

Policing ads and 3rd party content at scale on media

sites

[email protected]@zoompf

Page 2: Policing ads and 3rd party content at scale on media sites

Who Am I?• Automated analysis

and detection of performance issues

• Founder of Zoompf• Former web security

researcher and pentester

Page 3: Policing ads and 3rd party content at scale on media sites

3PC: A Traditional Approach• “Can’t control it”• “It has to be

there”• “I know, I know,

it’s so terribly bad”

• “I don’t even want to see it”

Page 4: Policing ads and 3rd party content at scale on media sites

Landscape of Modern Ads

Page 5: Policing ads and 3rd party content at scale on media sites

The times they are a’changing• Ad blockers• Parallel platforms

a. Google’s AMPb. Facebook Instant

Articles

Page 6: Policing ads and 3rd party content at scale on media sites

Landscape of Modern Ads• Ad Inventory• Direct Ads Sales• Programmatic Ads• Ad networks (Adx, Appnexus)• [tag] -> ad appears

Page 7: Policing ads and 3rd party content at scale on media sites

Landscape of Modern Ads• 1 IFrame per ad

a. Asyncb. Each fires own trackersc. Reuse can be poor

• Ads run for fixed impressionsa. Then you go into remnants

Page 8: Policing ads and 3rd party content at scale on media sites

Landscape of Modern Ads• No idea what an exchange will

give you ahead of time• Set Polices (video, audio)• Bad stuff still slips through• Different ads among people/geos

Page 9: Policing ads and 3rd party content at scale on media sites

“We don’t have 1 page load. We have our page load, and then 3-6 separate mini payloads from

ads.”

Page 10: Policing ads and 3rd party content at scale on media sites

“Sub” loads/Waterwalls

Page 11: Policing ads and 3rd party content at scale on media sites

Main Goals1.Ad Performance Problems

2.Ads doing shady stuff

Page 12: Policing ads and 3rd party content at scale on media sites

(Full) Waterfalls are not helpful

Page 13: Policing ads and 3rd party content at scale on media sites

Load Graphs• Build DAG

– Referrers, initiators• Visualize

dependencies

Page 14: Policing ads and 3rd party content at scale on media sites

Ad Performance Problems1.Weight of resources2.Redirects3.Head of Line blocking4.Rendering issues5.Quality Issues

Page 15: Policing ads and 3rd party content at scale on media sites

Party like it’s 2006

Page 16: Policing ads and 3rd party content at scale on media sites

OMG and the creative!

Page 17: Policing ads and 3rd party content at scale on media sites

Gotchas1.Caching

a. Can’t update the inclusion markup2.Using/not using CDN

a. Beacons don’t go to edge servers3. JS Reuse

a. “Why are we loading jQuery 3 times?”4. Inlining JS that’s not inlinable

Page 18: Policing ads and 3rd party content at scale on media sites

Aside: What are you loading?

Page 19: Policing ads and 3rd party content at scale on media sites

Aside: Do 3PC Audit1. Inventory of what’s on your site2.Define who can add a tag3.Master list or Repository?4.Use a tag manager?

Page 20: Policing ads and 3rd party content at scale on media sites

Ads Being Shady1.Breaking out of

frames2.Opening new tabs3.Redirecting to app

stores (2 tricks)4.Sending you to

sketchy places

Page 21: Policing ads and 3rd party content at scale on media sites

Demo

Page 22: Policing ads and 3rd party content at scale on media sites

AdInspect1.PhantomJS script2.Produces custom HARs3.Finds bad/shady stuff

github.com/acidus99

Page 23: Policing ads and 3rd party content at scale on media sites

Malware

Page 24: Policing ads and 3rd party content at scale on media sites

Catching (Possible) Badness• Malware, Phishing,

Unwanted Downloads• Free!• Local & Remote

Options• 10K lookups/day

Page 25: Policing ads and 3rd party content at scale on media sites

Next Generation Stuff1.Does the ad actually render?2.Rendering outside of containers?3. IAB Compliance4.Clickthrough testing?5.Leveraging RUM?

Page 26: Policing ads and 3rd party content at scale on media sites

Take Aways1.You can’t ignore 3PC/Ads2.Find the needle in the Haystack,

then audit that3.Typical frontend analysis works*4.Shady things are more common

then you think


2018 Print + Online · FORECLOSURE SALES JOB ADS REAL ESTATE ADS REGIONAL SECTION / 3RD BOOK ADVERTISING SECTION / 4TH BOOK. 14 ... within the specified column width (see blue box)

2018 Print + Online · FORECLOSURE SALES JOB ADS REAL ESTATE ADS REGIONAL SECTION / 3RD BOOK ADVERTISING SECTION / 4TH BOOK. 14 ... within the specified column width (see blue box)

Documents
The BBL After 3rd Reading - rboi.armm.gov.phrboi.armm.gov.ph/uploads/DOC_FILES/For_RBOI_final.pdf · under the PNP. a.2 Policing ... • DELETED “and disciplinary powers ... mechanism

The BBL After 3rd Reading - rboi.armm.gov.phrboi.armm.gov.ph/uploads/DOC_FILES/For_RBOI_final.pdf · under the PNP. a.2 Policing ... • DELETED “and disciplinary powers ... mechanism

Documents
Fair Policing

Fair Policing

Documents
Résumé: Michael Tonry - law.umn.edu 3rd Edition, ... George F. Cole and Marc G. Gertz ... Modern Policing (University of Chicago Press 1992);

Résumé: Michael Tonry - law.umn.edu 3rd Edition, ... George F. Cole and Marc G. Gertz ... Modern Policing (University of Chicago Press 1992);

Documents
Community Policing Advisory Board Meeting Agenda April 3 , 2019 Oakland City Hall 1 ... · 2019-04-01 · Community Policing Advisory Board Meeting Agenda April 3rd, 2019 Oakland

Community Policing Advisory Board Meeting Agenda April 3 , 2019 Oakland City Hall 1 ... · 2019-04-01 · Community Policing Advisory Board Meeting Agenda April 3rd, 2019 Oakland

Documents
POLICING FRAMEWORKS, POLICING SYSTEMS, POLICING STRATEGIES ... · PDF filePOLICING FRAMEWORKS, POLICING SYSTEMS, POLICING STRATEGIES AND ... attack to Grand Economic Strategy and

POLICING FRAMEWORKS, POLICING SYSTEMS, POLICING STRATEGIES ... · PDF filePOLICING FRAMEWORKS, POLICING SYSTEMS, POLICING STRATEGIES AND ... attack to Grand Economic Strategy and

Documents
The most creative ads of the week: November 3rd 2014

The most creative ads of the week: November 3rd 2014

Marketing
RATES - DISPLAY ADS RATES - WORD ADS CLASSIFIEDS 15 … · ALL NEWS AND ADS MUST BE IN OUR OFFICE BY WED., OCT. 3rd AT NOON THERE CAN BE NO EXCEPTIONS Our office will close at 2 pm

RATES - DISPLAY ADS RATES - WORD ADS CLASSIFIEDS 15 … · ALL NEWS AND ADS MUST BE IN OUR OFFICE BY WED., OCT. 3rd AT NOON THERE CAN BE NO EXCEPTIONS Our office will close at 2 pm

Documents
Predictive Policing

Predictive Policing

Documents
Sector Policing to improve Community Policing in South Africa

Sector Policing to improve Community Policing in South Africa

Documents
Van Predictive policing naar prescriptive policing

Van Predictive policing naar prescriptive policing

Data & Analytics
2007-2015idmalbania.org/wp-content/uploads/2016/05/Community-Policing-En… · 4. COMMUNITY POLICING PHILOSOPHY 4.1 Evolution of Community Policing Community Policing has established

2007-2015idmalbania.org/wp-content/uploads/2016/05/Community-Policing-En… · 4. COMMUNITY POLICING PHILOSOPHY 4.1 Evolution of Community Policing Community Policing has established

Documents
Bringing Victims into Community Policing...to law enforcement agencies to advance community policing. Bringing victims into community policing is one more way community policing keeps

Bringing Victims into Community Policing...to law enforcement agencies to advance community policing. Bringing victims into community policing is one more way community policing keeps

Documents
Modern Policing

Modern Policing

Documents
‘Policing pregnancy’

‘Policing pregnancy’

Documents
Policing Uganda, policing the world - uni-bremen.de

Policing Uganda, policing the world - uni-bremen.de

Documents
2020 Replacement Models - BrotherUSA...2020/08/18  · ADS-2000 ADS-2200 AdS-2700w ADS-2000e ADS-2200 ADS-2700W AdS-2500w AdS-2800w ADS-2500We AdS-2800w w Recommended Brother Replacement

2020 Replacement Models - BrotherUSA...2020/08/18  · ADS-2000 ADS-2200 AdS-2700w ADS-2000e ADS-2200 ADS-2700W AdS-2500w AdS-2800w ADS-2500We AdS-2800w w Recommended Brother Replacement

Documents
Community Policing and Local Policing Partnership Boards · 2016-05-03 · Policing in Sierra Leone – Local Policing Partnership Boards’, DIIS Report 2014:16, Copenhagen, 2014

Community Policing and Local Policing Partnership Boards · 2016-05-03 · Policing in Sierra Leone – Local Policing Partnership Boards’, DIIS Report 2014:16, Copenhagen, 2014

Documents
Community Policing Advisory Board Meeting Agenda January …Community Policing Advisory Board Meeting Agenda January 3rd, 2018 Oakland Police Department, Eastmont Substation 2651 73rd

Community Policing Advisory Board Meeting Agenda January …Community Policing Advisory Board Meeting Agenda January 3rd, 2018 Oakland Police Department, Eastmont Substation 2651 73rd

Documents
The most creative ads of the week: August 3rd 2015

The most creative ads of the week: August 3rd 2015

Marketing
A career pathway in neighbourhood policing...A career pathway in neighbourhood policing 1 Neighbourhood policing The defining features of neighbourhood policing are: n police officers,

A career pathway in neighbourhood policing...A career pathway in neighbourhood policing 1 Neighbourhood policing The defining features of neighbourhood policing are: n police officers,

Documents
Chapter 1 You Decide 1 - SAGE Publications Intro to Policing 3e You Decide Answers.pdfCox, Introduction to Policing 3rd Edition Instructor & Student Resource Chapter 1 You Decide 1.1

Chapter 1 You Decide 1 - SAGE Publications Intro to Policing 3e You Decide Answers.pdfCox, Introduction to Policing 3rd Edition Instructor & Student Resource Chapter 1 You Decide 1.1

Documents
Ingress Policing

Ingress Policing

Documents
Over-policing, Under-policing, or Both? An Analysis of Police … · Over-policing, Under-policing, or Both? An Analysis of Police Resource Allocation RebeccaGoldstein∗ MichaelW.Sances†

Over-policing, Under-policing, or Both? An Analysis of Police … · Over-policing, Under-policing, or Both? An Analysis of Police Resource Allocation RebeccaGoldstein∗ MichaelW.Sances†

Documents
POLICING POLICY COMMISSION REPORT...4 Policing Policy Commission Members Policing Policy Commission members reflect the diversity of Nashville. Karl Dean, Co-Chair of Policing Reggie

POLICING POLICY COMMISSION REPORT...4 Policing Policy Commission Members Policing Policy Commission members reflect the diversity of Nashville. Karl Dean, Co-Chair of Policing Reggie

Documents
Intelligence-Led Policing: The Integration of Community Policing

Intelligence-Led Policing: The Integration of Community Policing

Documents
Community Policing

Community Policing

Education
BIASED POLICING UPDATE - lapdonline.org Q3 BP.pdf · Biased Policing and Mediation Update – 3rd Quarter 2016 February 6, 2017 The purpose of this report is to provide the Board

BIASED POLICING UPDATE - lapdonline.org Q3 BP.pdf · Biased Policing and Mediation Update – 3rd Quarter 2016 February 6, 2017 The purpose of this report is to provide the Board

Documents
Geography Public Safety - COPS OFFICE › RIC › Publications › cops-w0598-pub.pdfbased policing, hot spot policing, intelligence-led policing, and information-based policing merge

Geography Public Safety - COPS OFFICE › RIC › Publications › cops-w0598-pub.pdfbased policing, hot spot policing, intelligence-led policing, and information-based policing merge

Documents
Implementing and sustaining problem-oriented policing · into policing. POP is core to the Policing Vision 2025, the College of Policing’s neighbourhood policing guidelines, Her

Implementing and sustaining problem-oriented policing · into policing. POP is core to the Policing Vision 2025, the College of Policing’s neighbourhood policing guidelines, Her

Documents