AdBlock source-code on

At the end of July, Wladimir Palant of Adblock Plus wrote a blog post which criticised Michael Gundlach‘s AdBlock for several reasons, but most worryingly:

AdBlock has no scruples to assign unique IDs to their users, to collect data about them (like which settings they enable) and to track the users each time they visit their website. You also cannot avoid visiting their website because the extension will send you there occasionally, most notably on first run. There is no privacy policy, so nobody knows what happens with that data. The discussion on their privacy policy has been marked private for some reason, I guess details were published there on what data they collect.

Not just that, the AdBlock project was also so careless when implementing this “feature” that every other website can track AdBlock users as well. And they explicitly allowed to be notified whenever some AdBlock user starts up his browser.

… but also criticised AdBlock for being a GPL-3 open-source project with no public repository, and only per-release zip archives being made available. This means that it is non-trivial to determine what changes have been made between versions, and generally increases suspicions that someone somewhere is hiding something…

To remedy this, and as is my right according to the GPL-3 license under which AdBlock releases are made available, I have extracted each AdBlock release which is still available, and uploaded it to github at the following location:

… and I’ve a mind to fork this code-base and add DNT support if the user has enabled this option in their browser.

For balance, Michael’s response is at where he makes a point-by-point rebuttal.

I must admit that I’m still with Wladimir on this one – if AdBlock were doing nothing that they feel their users would object to, why not ask their users permission or, failing that, at least post – either within the extension or on their site – details of what tracking and what partnerships are active within a given release? Michael’s assertion that “User IDs are randomly generated and aren’t retained across different machines, browsers, or reinstallations” entirely misses the point that, for a given installation in a given browser, he had created a constant global tracking ID that can be used to uniquely identify the user, regardless of the preferences the user has expressed regarding whether they’re happy to be tracked or not.