"Ahem A Rivet's Shot"  wrote

| I said server side - I used to work on the Yahoo! front page team.
| I know exactly what I am talking about. While the page is being
constructed
| on the server *before* it is sent to the client adverts are injected into
| the page by the ad server (which is a fearsome beast).
|

   That might have been true in the days of banners
being served from the same domain. These days it's
typically a code snippet calling Google/Doubleclick with
a company ID, from javascript in the page, clientside.
That's not any kind of "injection". It's script in the page.

  There haven't been static ad images in pages for years. It
was hard to track the number of ad views, and there was
no targetting. So no one wanted to pay for them. These
days it's all dynamic, script-based, calling in vast spyware/ad
companies like Google/Doubleclick. The actual site you're
visiting has almost no part in it. Which is actually
convenient in a way. A short HOSTS file blocks
virtually all ads and tracking.

  Loading yahoo.com just now show's that they're trying
to get me to call in 4 spyware beacons through NOSCRIPT
tags. If I allowed script they'd be calling atwola.com for
an ad, sending them my userAgent, OS and version,
the fact that I'm on a desktop (or their guess that I am),
and various other bits and IDs. So they did generate
that code custom and sent it to me in the page, but
any ad would be a clientside scripting operation carried
out with atwola. Since I block both script and atwola,
they never get called and I can still read about George
Clooney or get my horoscope without being tracked or
seeing ads. :)

--- SoupGate-Win32 v1.05