We don't like paying for things. No point in handing over hard-earned cash for something when we can get the same thing for free, we think.
It seems like a no-brainer, but our unwillingness to pay for things directly has led the internet into a dark and dangerous corner where a dependence on advertising is putting our privacy and security on the line.
Since the beginning of the internet, we've been trained to expect not to pay to access anything we want online.
At the start, everything put up there was free for all. That collaborative, open-source vibe has lingered on from those early days, and somehow still holds, despite somewhat belated efforts by content creators to monetize their work.
But the backdrop has changed beyond recognition. The internet is no longer populated with geeks, hobbyists and academics, but has become a centre of everyone's commercial and social worlds.
Any business with hopes of interacting with the rest of the world has an online presence, and anyone with goods or services to sell wants to get their message out to people as they gaze at their screens.
This desire for visibility has led to ever-growing spending on online marketing and advertising.
In the beginning, it wasn't much of a problem, and allowed smaller sites to generate a little funding without much effort, encouraging more people to contribute and adding to the diversity of the internet.
But we never really figured out a better approach for a more commercial online world. Having got used to free content, we baulked at paywalls, subscriptions and service charges.
The absence of simple, dependable and universal systems for making small payments didn't help here, and the growing threat of malware and data leaks also added to our wariness when it came to handing over our financial info to the internet's all and sundry.
So advertising bedded itself in as the main source of funding for the web, and drew in ever more marketing cash.
On the back of it, the likes of Google and Facebook became financial giants through their huge PII-farming operations, harvesting all the information they can about us to sell on to advertisers that demand ever more specific targeting of their wares.
This in itself has led to numerous worries over how nicely these big firms deal with our data, but to an extent these are manageable fears - we know who Google and Facebook are, we can pressure them to behave better, and when it comes down to it we can simply avoid their services if we don't like them.
The rest of the web is much more murky. The bulk of online advertising goes through complex chains of ad distribution networks, with the tiny per-click or per-view fees paid by the original company trying to market itself somehow managing to support multiple middlemen.
These invisible chains have become a standard target for scammers and criminals, who sneak malicious links into the chain and get them placed on popular sites, compromise end user systems en masse to hijack clicks or place their own ads, or simply build automated bots to fake clicks and earn unwarranted affiliate fees.
A few weeks ago, a US Senate subcommittee highlighted the growing danger of malvertising, and proposed some approaches to curbing the proliferation of complex ad networks which can lead to all sorts of nasties, mainly centering around better processes for choosing which ads are shown by websites.
But is it too late to change this? So many firms, both legitimate and dodgy, are so dependent on the affiliate pay-per-click system that rooting it out completely will require a major step-change in internet culture.
It's not just websites that are funding themselves with advertising, of course. Marketers, and scammers, have always been quick to take advantage of any new technology which can put their message in front of new eyes.
When email emerged as a popular communication vector, commercial spam quickly appeared too, closely followed by others abusing the system to make money from bulk mailing, and of course to spread malware and make money more directly from victims. They flooded our inboxes to such an extent that, for several years now, people have been questioning the viability of email as a usable tool.
The development of smart phones and the app culture that goes with them has also been taken over by advertising, with numerous small-time apps building in third-party ad libraries, which bring their own raft of privacy and security risks.
On desktops, a similar model has been around for a long time. Quality software can cost serious money, and for most purposes free tools can be found by determined searching.
More entrepreneurial hobbyists, and smaller software houses, quickly saw a way around our unwillingness to pay directly for our stuff by including - yes you guessed it - advertising in their products.
Again there were privacy issues, and again scammers and more aggressive ad purveyors found ever sneakier ways of getting onto our systems.
Nowadays much of the "free" software economy funds itself by using deliberately confusing, if not actually deceptive, language in their downloader or installer packages, tricking people into accepting multiple additional items alongside whatever it was they really wanted.
These "optional" extras feature hidden or ineffective uninstall processes, concealed source information, and of course either in-your-face advertising or aggressive pushes to upgrade "freemium" software.
Last month, Microsoft proposed a set of rules covering dodgy adware, in an effort to force developers of ad-supported software to play nice with their users.
These rules, due to come into force in July, require software to include proper uninstallation, clear labeling of what it is and who made it, and - of course - clarity over the fact that it is indeed ad-supported.
Once these rules come into force in Microsoft's own security tools, running by default in newer versions of Windows and considered a minimal "baseline", it will make it much easier for all security vendors to simply block offending items without fears of legal action from their "legitimate" developers.
Of course, business-focused solutions have always had more freedom to block such software, which is rarely appropriate for business purposes. But a change in the ecosystem should benefit us all, reducing the problem of foistware at least a little.
What's really needed is a major change in attitude though. We need to learn the value of paying directly for what we use where possible, to minimise our reliance on advertising and reduce its power as a model for scams and malware as well as less ethical marketers.
Of course, we want to avoid the apocalypse of a cash-up-front internet, but maybe we also need to start boycotting sites, apps and software that use overly aggressive or unattributed advertising.
We need to send a message that if people want to advertise to us online or on our devices, they need to do so in a responsible and appealing way.