Internet advertising and Internet security: Can they coexist, or is a showdown inevitable?

Like it or not, advertising is part of the Internet food chain and a huge source of revenue for Internet companies. But many conflicts between Internet advertising and Internet security already exist, and scams, malware, and click fraud continue to erode users' trust. When it comes to Internet advertising and Internet security, Jonathan Yarden thinks something's gotta give. Get his take on the future of this relationship in this edition of Internet Security Focus.

Regardless of how you feel about Web advertising, the Internet as we know it wouldn't exist without it. Advertising is a huge revenue source on the Web, and only a naive technology purist would think that a major Internet company could survive without this income.

Personally, I'm no fan of Internet advertisements and wish they weren't a necessary evil, but I accept the fact that they must exist for the Internet to function as it does. Like it or not, advertising is part of the Internet food chain.

But despite a general lack of interest in Internet advertising, it will continue to exist as long as advertisers feel they're getting a return on their investment. And companies such as Google and Yahoo will exist as long as they can sell ads. Even anti-advertising has become an industry as more and more products and services designed to block or remove advertising become available.

Admittedly, I almost never click an advertising link—and I don't think I'm in the minority—but that's simply how things are. However, without even taking this general apathy toward advertising into account, many conflicts between Internet advertising and Internet security already exist.

With so many scams and misinformation on the Internet, companies and people increasingly mistrust Internet content, and advertisements are no exception. In fact, I believe there will eventually be a point of diminishing returns. Internet security isn't getting better; it's getting worse—for both users and advertisers.

Frustrated by glaring security weaknesses in Internet software, particularly Microsoft's Internet Explorer, many users are disabling scripting, add-ons, and other features that companies rely on for delivering ads. Many are also switching to browsers that disable features used by advertisers by default.

As consumers become more security-conscious, legitimate Internet advertisements are becoming collateral damage. And that's saying nothing of all the ad-busting software and proxies making a dent in advertising revenue.

Even more alarming is the preponderance of "click fraud" currently going on. While many Internet companies report that their advertising revenue is up, you have to wonder about the amount of real sales generated for advertisers.

The dirty truth is that no one can really pinpoint the true amount of fraudulent hits generated by "click-through" and "autosurf" programs, which artificially inflate advertising numbers. And while advertisers continue to try to stop fraud and deliver legitimate advertisements, others are working just as hard to figure out how to block the advertisements, find ways to defraud the advertisers, or even set up fake Internet companies to run fraudulent ads and steal money from consumers.

In my opinion, this advertising vs. security "cold war" is going to get ugly, and everyone stands to lose. Google recently reached a settlement in a class-action lawsuit over alleged click fraud, and Yahoo settled its own click-fraud case last month. Meanwhile, fraudsters continue to eat into these companies' revenues.

This is a battle on multiple fronts, and there will eventually be a standoff; I predict it's coming within the next two to three years. On one front, we have the Internet advertising companies spending more money than they're earning, trying to justify legitimate advertising clicks. On another front, users continue to secure computers by disabling ActiveX, JavaScript, and add-ons such as Adobe Flash, a practice that reduces the effectiveness of advertisements in general.

Other users are simply blocking advertisements using other methods, often with the assistance of their own Internet service provider. And let's not forget about all those malware authors and other fraudsters resorting to more and more nefarious methods to ensure their illegal activities continue to earn revenue.

In my opinion, the Internet is due for a massive shakeup, and I think it will come down to a battle between security and advertising. It all boils down to trust—or rather, a growing lack of it—from Internet users.

I'm not surprised that some people are opting not to use the Internet at all—the costs of insecurity can far outweigh the benefits. I'm not surprised that major ISPs, looking for new revenue streams from Internet companies, are exploring the hotly debated concept of Net neutrality. And I'm not surprised that fraud on the Internet is increasing, further eroding users' trust—and consequently companies' profits. What does surprise me, however, is that so few people even grasp what's truly at stake.

Miss an issue?

Check out the Internet Security Focus Archive, and catch up on the most recent editions of Jonathan Yarden's column.

Want more advice for locking down your network? Stay on top of the latest security issues and industry trends by automatically signing up for our free Internet Security Focus newsletter, delivered each Monday.

Jonathan Yarden is the senior UNIX system administrator, network security manager, and senior software architect for a regional ISP.

Editor's Picks

Free Newsletters, In your Inbox