I run a medium-sized mobile social app, and over the years we have been constantly plagued by spammy mobile ads that automatically trigger UI, generally modal alert views, to try to trick people into navigating outside of the app to download, sign up, etc.<p>Every time we do this, the mobile ad networks (MoPub, Smaato, etc) profess their shock and spend days to try to learn who the party was that placed the ad.<p>We wanted to prevent this by only running image ads, but apparently all ad units now must be "rich media", which as far as I can tell means javascript-enabled Web Views. There is no inventory left for image-only ads, or that is what they tell me.<p>I've dealt with this issue probably a dozen times in the last three years, and fired ad networks because of it. Our latest network is going through the same pop-up spam ad issue and I'm contemplating firing them too.<p>My question is -- why can't these ad marketplaces simply either a) restrict the javascript they run, b) run the javascript in a sandboxed Android/iOS webview that does not have permissions to pop UI, or c) any time they see new javascript, run the ad in a simulator to vet the javascript, before they allow these new advertisers/ad units to be run?<p>Could any programmers who work on mobile ad tech clue me in as to why this problem remains, as of now, unsolved? Or if this problem has been solved, tell me who I should be using instead?