Phorm launches data pimping fight back A week is a long time in internets. Last Friday we all felt like we were shouting at the bins about Phorm and its deals with BT, Virgin Media, and Carphone Warehouse. Now, you can't move for stories about data pimping and the massive change in people's relationship with their ISP Phorm represents, not to mention the new legal …
Hi. Tech Team at Phorm here. There are some common themes here and some specific questions which I can answer over a series of posts.
So here goes - privacy first. There's no 'largely' about it, no personally identifiable information is stored. Nor does the technology store IP addresses or browsing histories. It simply observes anonymous behaviours and draws a conclusion about the advertising category that's most relevant. All the data leading to that conclusion is deleted by the time each web page is loaded.
The service works on the basis of a closed system which only includes the ISP and Phorm. No browsing data leaves the ISP network. No data on subscriber activity is passed to advertisers.
It's important to understand there are two distinctly separate processes in the Phorm system: data capture and ad serving. The data capture system only stores one item of information on your computer - a random number. The random number is the only thing that distinguishes your browser from the millions of others on the internet. It does not contain any information about you or your computer. The only person able to make that connection is you, as you have that cookie in your browser.
As you browse, your browsing behaviour is matched against pre-defined advertiser categories for everyday products, like travel or sport.
No URLs, browsing histories or IP addresses are retained and the raw data used to make the match is deleted in real time -- by the time the page loads. There is, in essence, no data other than the categories and the random number stored in the system and so it's impossible to know (or indeed reverse engineer from that) who you are or where you've been.
On each navigation, a data digest is created consisting of URL, search terms submitted to a major search engine, and the top 10 most frequently-occurring page keywords from the page (which are cleaned to remove email addresses, numbers and names). This is matched against a list of advertising product categories and the data digest, which is never written to disk, is deleted. When analyzing in-page keywords, only repeated information is registered - the top 10 most frequent are considered, having first screened out numbers, email addresses, names. Secondly this ‘data digest” is only used instantaneously to match against advertiser channels and is then deleted. Raw data is not stored and cannot be lost. The system only retains the advertiser categories that were matched, which by definition cannot include your data.
In the ad serving phase, when your computer requests an ad from the OIX (because a website has included our tag in their page), the browser sends the random number and the categories are used to deliver the targeted ad, not the details of your browsing, or anything about you or your computer.
Things slightly mixed up there mate. If they don't receive the cookie THEY ASSUME YOU HAVEN'T OPTED OUT and give you a new profiling cookie. It's an opt-out system remember, there has to be a cookie on your machine that says 'this user wants Phorm go f**k itself' or something to that effect.
Even then they still get your browsing info they just don't target ads.
The dice are loaded and not in your favour.
My notice has gone in with Virgin already, and I'm happy to max out my connection until I get my ADSL up and running - just waiting for one or two more replies before I decide who to go with - I think asking for a categoric promise that my data will never be intercepted or processed such as is required as an inherent part of the service or by law enforcement agencies is a fair question for anyone to ask.
FWIW Demon, PlusNet, Zen and o2 have provided categoric assurances to me. Be offered an assurance but it was just an email reply that said something like "in repsonse to your question we would never do that"
As for the "you'll see less adverts" ok assuming I give them the benefit of the doubt on everything else the profile of me is still going to give a fairly good idea of what social group/age/sex I am. And I know for a fact I'm target audience for a lot of ad-men. So all the adverts that miss me (ad-block plus not withstanding) and hit others not so desirable to advertisers won't need to be sent. So they'll have more resources to hit me.
Paris because she stopped with Virgin a long time ago. Can we have Richard Branson with horns for us (ex)virgins?
Very very very good point CHRIS, CHRIS, WHERE ARE YOU!? There are two explanations here. Either phorm inject a hidden iframe or some other HTML into each page to force a dummy transaction, in which case they were lying about injecting nothing into the stream, and this raises very serious questions and in any case it would be hard to tie the whole string of simultaneous requests for various elements together with the cookie, or they grab the whole stream and be damned with it. Funny the E&Y auditors didn't pick this up ;)
Didn't Google do a study and demonstrate that the only webpage adverts that *work* are very short, simple ones like those Google puts alongside your search results? Where does this leave the brightly colored, flashing, moving, singing ads marketdroids continue to push down everyone's throat? IOW, targeted or no, online ads are not particularly effective.
It also strikes me that this whole uproar is due to business once again taking the point of view "if there's no explicit law against action X, action X is okay." This philosophy is one very short step away from thinking "if the motive is profit, any action whatsoever is justified." Sorry, mac, think again.
More and more, I think it's time to fundamentally reform the law as it affects business so that they are required to act honestly, honorably, and ethically, in the broadest possible sense. And at the same time, prohibit unilateral changes to contracts such as BT seems to be contemplating.
As some have suggested, perhaps letters from innumerable people to their ISPs (snail mail at that) stating that they do not have your consent to tap your web browsing and referring to the relevant laws would at least put a few speedbumps in Phorm's path.
The snail mail part is important because a piece of paper cannot be destroyed by just pressing the delete key. As a former toiler in the bowels of a bureaucracy, I can assure everyone that written letters are not easily dismissed by the recipients, unlike email.
Flame, because I'm getting fed up with corporate self-importance and total disregard for the basics of human society.
What me makes laugh more about the irrelevant advertising argument is that they somehow think they are able to target us with relevant advertising. Just because I may have visited a site about motorbikes doesn't mean that I want to see adverts for anything bike related in future visits. Isn't this still irrelevant advertising just in another form?
I personally have nothing against low key advertising on sites that provide a service to me for free, as long as it has something to do with the site that I am visiting. For example being on El Reg I would expect to see advertising for computer related stuff, and that is pretty much what we get. Isn't this as targeted as what Phorm are offering and without having to analyse all our traffic and potentially invading privacy?
I have worked indirectly in online advertising and have found that relevant advertising is the most appropriate form. If you run a games site, your target audience is likely young teens. Advertise related products in an appropriate way and you will get a much better response that bombarding users with irrelevant adverts. I worked for one company where our target audience were young teenagers and yet almost every advert was for home insurance, car insurance, life insurance etc and they then wondered why they were getting such awful responses. Then every now and then we had an advert related to this age group and the response was amazing.
I think the way forward are those advertising exchanges that allow you to negotiate with web masters who run sites that are your likely audience. You definitely do not need to monitor peoples traffic to target adverts. Won't the Phorm system only do the same thing anyway but one step behind? If I just visited a website for fish and then go to a website for computers, wouldn't the system show me adverts related to fish based on my past request? Then on the next site show me adverts for computers? I agree that it may be more advanced than that, but in principle it must be the same. This is not particularly targeted advertising is it?
'There's no 'largely' about it...'
Seriously Phorm what is you don't get?
I DON'T WANT A THIRD PARTY LOOKING AT MY BROWSING STREAM IN ANY WAY, SHAPE OR FORM WITHOUT MY EXPLICIT CONSENT.
I DO NOT WANT TO BE ASSUMED TO HAVE CONSENTED TO IT.
I ESPECIALLY DO NOT WANT TO HAVE TO HAVE A COOKIE ON MY MACHINE TELLING YOU I HAVEN'T CONSENTED.
Is that clear enough?
You SAY no data is stored - that's not the point. Even if I OPT OUT of getting your damned targeted adverts YOU (well my ISP who are running YOUR software) are looking at ALL my browsing habits - EVEN IF I DON'T WANT IT.
Can you explain HOW that is right - in ANY sense of the word?
Remember Belkin's gaffe with unauthorised web redirections in their routers? The sort of spammy nonsense that causes web-based services like DynDNS to fail?
http://www.theregister.co.uk/2003/11/07/help_my_belkin_router/
Now we have ISP's injecting code into website responses, just like Rogers wants to do in Canada (for bandwidth cap reminders):
http://blog.wired.com/27bstroke6/2007/12/canadian-isps-p.html
I bet Phorm has already approached Rogers with a view to implementing ad-spamming on their network too.
Any ISP doing business with Phorm is a Bad Thing™ (or is that "Any ISP doing business with this "Thing" is bad Phorm"?)
The exact form of the opt out cookie is absolutely key here.
If all opted out users have exactly the SAME cookie then it can't be used to track your usage. If it contains a serial number then somebody will have to write a browser extension to generate a random opt-out cookie for every new web page.
That way they will have to use your ip address to track you and the ISP has always been able to do that with or without phorm.
For that matter how about a randomly generated opt-in cookie. That might give them a few headaches for a while.
The whole thing would be much much more stable, scalable and easier to accept if it ignored all streams without an opt-in cookie.
Why does this system have to opt in by default when they can target webwise ads to anyone without an opt-in cookie !!
Welcome to the debate.
It's impossible to opt out from data processing, as reported by "system" above using cookies because only cookies relevant to the website you're visiting get transmitted. you can't have a blanket cookie nor can you have a TLD cookie.
http://wp.netscape.com/newsref/std/cookie_spec.html
From your own audit:
Page 6 (pdf p8): "If a user deleted their opt-out cookie, then the opt-out status, which is contained in the cookie, is lost, and the user will be opted-back into the Phorm service".
Kent was on Radio 4 PM talking about how important choice was. I chose not to allow persistent cookies, so I have to manually opt-out of Webwise every time I start my browser.
So when I opt-out, how to I stop my information being aggregated into statistics, how do I stop my information being profiled. It's invasive and there aren't sufficient safeguards in place. Furthremore, the audit appears flawed and I should write to Ernst and Young and point this out. You failed to answer fully or even at all some of the questions put to you by the BBC and others on the technical issues like who writes the software for the Profiler and who audits any future software upgrades.
The issue about cookies is that they are sent by the browser with HTTP GET requests and they are only sent if the domain is the same as the domain that set it or a subdomain thereof. You can't have a blanket cookie. Phorm deny that anything is injected into the data stream.
What concerns me is;
1. In the interview text I see nothing to say that they dod not at least initially collect all the users sensitive data such as credit card details, passwprds and other form information. OK they SAY that they clean that data but that still means that they are initially collecting sensitive data. THAT concerns me greatly. I signed an agreement to trust BT plc NOT Phorm !!
2. Since BT are going to be interferring with our connections are we going to get a reduction in the PRICE of the broadband connectoon from BT ?. Like hell are we.
They SAY that there is not degradation of the connection but I cannot believe that there will be no degradation at all, even if it is miniscule.
>>No URLs, browsing histories or IP addresses are retained and the raw data used to make the match is deleted in real time -- by the time the page loads. There is, in essence, no data other than the categories and the random number stored in the system and so it's impossible to know (or indeed reverse engineer from that) who you are or where you've been.
Disingeneous, the system does store the digests of each page that you load. It just deletes them afterward it has categorised the page and attached that category information to your guid. Just because something is only held in memory for a short while does not mean that it is not stored.
The fact is that Phorm is monitoring the web pages that I view in my browser and there is no way for me to opt out of this.
>>The service works on the basis of a closed system which only includes the ISP and Phorm.
How is that supposed to be reassuring when I don't want either my ISP or Phorm to monitor the web pages that I view?
I can opt out of receiving the targeted adverts that this process generates but that's not the bit that I'm worried about. Until Phorm guarantees a way for me to prevent them intercepting and monitoring the web pages that I view I will be against this. What Phorm intends to do with the data after it is intercepted is irrelevant. The assertion that the data will not leave the ISP network is irrelevant.
>>So here goes - privacy first. There's no 'largely' about it, no personally identifiable information is stored.
And Phorm is prepared to guarantee, in the form of a legaly-binding contract, that no information that could be used to identify a person will ever be present in the digest? For example if I used Google to search for my own name you can guarantee that that would be filtered out?
I'm sure this is a technical triumph, almost but not quite having their cake and eating it. They just don't get it do they? Just because today the system 'only looks for top 10 words' or whatever, and 'discards numbers, email addresses, etc' doesn't mean that tomorrow that couldn't easily all be changed by accident or design without any knowledge or recourse from us. Where is the supervision? What is the audit trail?
And clearly illegal without an explicit opt in. Nice try, start looking for new jobs guys....
Sorry, but I think the answer might well be that the only way of making sure of this is to move to an ISP who categorically state that they will not get into bed with this kind of thing. Thankfully there do seem to be a few who actually have some morals.
There's a section on the badphorm.co.uk message board which has a list of ISPs who have definitively stated that they will not do this. Personally I would ignore the ones where the answer has just come through standard "contact us" channels - I was told categorically that VM would never work with a spyware company when I called...
However, at least two (I think Aquiss and Newnet) have had MD or CTO level people confirm that they wouldn't go for this. I don't know where I'll be heading yet, but they're two I'll be considering. Any other ISPs making a categorical public statement that they would not employ this kind of thing will also put themselves in the running. Whatever happens, I will be cancelling my VM contract as soon as the notification goes out that this is going live. Which is a shame as I really like the V+ box and it's going to be a royal pain in the arse to cobble something similar together myself.
More-in-sorrow-than-in-anger-but-with-quite-a-lot-of-anger-in-there-too,
Chris
Hi Tech Team at Phorm, or should I say Anonymous Coward.
You store a unique key on my PC & parse data from my connection at Layer 7 looking for key words, therefore you _can_ parse for personally identifiable information whether do actually do or not at this particular time is irrelevant. Whether you immediately delete anything that might be identifiable is also a red herring, that programming can be changed at any point in time, dare I say after you have been audited or before you expect an audit. My 70 year old dad drives his Ferrari at 30 miles per hour, when he's on holiday and I drive it, do you think I drive it that way.
You have created a system for reading web pages that broadband subscribers request, it reads the whole page, you program it today to react to travel or sport, it is capable of reacting to name:, address: or Login: & Password:. You intercept data from broadband subscribers without their express permission, and do not explain exactly what you are doing or how it might be used in the future or in the wrong hands.
Recently a Police officer was pressurised by his superiors in to recording the private conversations of an MP, he knew it was wrong but felt he had no choice, someone in Phorm could be easily be pressurised into parsing the data steam for other target words, or worse Phorm itself could do so for market reasons.
Communications interception is the realm of the security services, one that is tightly regulated, it is not the place for private companies and profit.
Posted by another anonymous coward, you can find out who I am later by using the Webwise platform.
>>By Man Outraged
>>Posted Friday 7th March 2008 17:14 GMT
>>The issue about cookies is that they are sent by the browser with HTTP GET >>requests and they are only sent if the domain is the same as the domain that >>set it or a subdomain thereof. You can't have a blanket cookie. Phorm deny >>that anything is injected into the data stream.
If your data stream passes though a Layer 7 device at you ISP, they _CAN_ write anything in to the cookie or page they want.
You don't even need your own cookie, you _COULD_ add the personal ID to an existing one.
I have not said that they do do this, or that they will do this, but having access the the data stream at that level means that analysing or abusing the data _is_ possible.
If your friend has a gun, I doubt he will shoot you, but he has the ability to do so if he desires. If I buy his gun, now I do; do you trust me?
>>Privacy Guarantee
>>By Anonymous Coward
>>Posted Friday 7th March 2008 16:30 GMT
"On each navigation, a data digest is created consisting of URL, search terms submitted to a major search engine, and the top 10 most frequently-occurring page keywords from the page (which are cleaned to remove email addresses, numbers and names)."
Thats at lot of requests from one system, you could not do this without the permission of the search engine in question as they could cut you off at a stroke and your business would be sky diving without a parachute! Another cut of the revenue cake must go the the "Major Search Engine" I wonder whom that might be?
F5 LTMs (and GTMs) are (poor) loadbalancers,
in order to balance you to a site it will use either
1. A source-address persistence method (a table with your IP in it and your request)
2. A session cookie
3. A "hash" cookie - relatively unused.
When using a http headers viewer, you can usually find this cookie.
For example visit www.ba.com and turn on livehttpheaders (or whatever you use)
and you will see a cookie called ::: BigIPCookie - yes this is the default - BA did not change it.
We should be able to get around this by refusing certain (or all) cookies, but then
other methods can be used. You cannot just say block my firewall to these IPs because how do you know where your ISP might be mirroring it to ?
Cant stop it with SSL since F5 supports SSL proxying (which breaks RFCs)
You could always wipe F5 off the face of the planet, thus stopping them from using it since 99% of clients with LTMs dont know how to use one.
Even something like t0r will not do it, since your request has to hit your ISPs boundry router and from there they can just mirror it on one of the ports of their firewall or switch or load balancer.
Im writing to my ISP demanding that no traffic from my IP be mirrored to phorm, BT, or any other subsiduary without written permission from me. I stated it would be a violation of my privacy and human rights if they do not accept - lets see what virgins cut & paste reply will be to this one...
Anyone fancy starting PrivNet with me :)
[An Ex-F5 employee]
If the answers given by BT in the following link are anything to go by, they either don't understand the system or they'll play games with semantics to hide the reality:
http://www.beta.bt.com/bta/forums/thread.jspa?threadID=2612&start=0&tstart=0
If I understand correctly, they argue that data doesn't go to Phorm but is retained in the BT network, which gives them a neat getout from privacy claims.
The argument could be said to be accurate given the relevant server is located in the ISP datacentre and therefore 'within' the network, but the reality is that a 3rd party box is sat on the network looking at the raw data with no guarantees of what will be done with it, and ultimately forwarding a processed subset of that data to external servers.
And the optout system still isn't clearly controlled - if they haven't worked out how to implement it yet it's hard to have any faith it could ever work.
Looks like BT have convinced themselves they're in the right and any customer protests will just be ignored.
Q: And does the service ever modify information you receive via http that might not be a web-page, i.e. is it possible for it to accidentally break applications that rely on http for communication, especially if those applications work in a way that Phorm didn't anticipate?
We operate a whitelist of user-agents corresponding to major browsers (e.g. Firefox, IE, Opera). Other user-agents are ignored.
"So we can expect The Guardian and Financial Times to show less advertising?"
"KE: Yes, I think that most sites in due course will show less advertising. They know it gets in the way of the content.
Most websites don't make any money. but imagine you were able to show your audience an ad based on anything they've done on the internet. Right now all you know is that they're reading your page."
This entire system will lower the value of adverts online, as now the user will be exposed to both adverts from their ISP/phorm and from the original website. This will lower the income for the website operator due to the dilution of phorm's ads.
Unless the website partners with phorm, in which case phorm gets more money and a possible way to get more personal data, and only then will the number of ads possibly reduce. But as the ads will be more attractive to the visitor I can imagine that the number of ads will only go up, based on the past actions of the ad industry (once they find a trick that works, they use that trick constantly, because if they don't someone else will).
And as for people not liking untargetted ads, I think you'll find people just don't like adverts at all. Thats if they can even tell the difference between the ads and the content.... and these days there are many "promotions" and other BS that is simply designed to confuse clicks out of visitors.
But if you use one of Mozilla's browsers then there are steps you can take to get rid of adverts, and kill off a lot of tracking too with the right selection of extensions:
Adblock, with filterset.g. There are also lists available of known tracking companies like quantserve, omniture or google. Adblock can block their webbugs.
NoScript: necessary for granular control over what sites can do. You can allow functionality of a website with this extension whilst at the same time stopping third party tracking or advertising crud from running. Adblock can also kill certain scripts for all sites with a rule like *urchin.js*.
A cookie management extension: I force all cookies to be session cookies, I don't allow any third party cookies ever, block cookies totally from some domains but also allow cookies for sites that where it is a convienience for me to allow the cookie, like some forums etc..
FoxyProxy: can send your browsing via different proxies based on regexp rules. I send all my googling through TOR, as Google cannot be trusted.
Referer blocker: I forge all my referers to be the root of a site. This stops tracking/trending based on where you visit a site from, and stops sites identifying your search terms.
You say " No URLs, browsing histories or IP addresses are retained and the raw data used to make the match is deleted in real time -- " and in the next breath...."On each navigation, a data digest is created consisting of URL, search terms submitted to a major search engine, and the top 10 most frequently-occurring page keywords from the page (which are cleaned to remove email addresses, numbers and names)."
If my data that I am paying for is not being inspected in breach of any legislation and you don't retain a URL, then how do you create a URL based on my searching???
Also, if someone has to re-do a Windoze machine, thereby losing all the cookies etc., How do they opt out again? Surely it should be an opt OUT policy from day one with the option to opt IN.
I for one will be signing the petition to have you guys banged up for breach of RIPA and Data protection.
You know, that little tech explanation from the Anonymous Coward (how very fitting!) does nothing to reassure me.
You say it's a random number, is that truely random, or psuedorandom garbage that develops patterns over time? Also, if it's in a cookie, a website can easily be scripted to read it's contents, put a request into Phorm's system and pull out my browsing history. From there, it'd be possible to script a very personalised phising attack, giving the number of dodgy sites hiding in Google's ad system already why will your system be immune?
On top of that, how can you guarentee your system will be "instantaneous", every god damn computer program takes some time to run, and unless you're putting a supercomputer in every exchange, there's gonna be some lag. Look at MMORPG's, during peak times servers fall over, but they're not upgraded because they're acceptable 99% of the time. Do I really think Phorm cares about us enough to pay for computers for that 1% of the time? I think not!
Let's face it, you can never win public acceptance from this and I damn well hope you get sued for this stupidity.
Personally I'm writing to OFCOM about BT's changing the T&C without good cause, cancelling my contract with them and moving to an ISP that hasn't sold out. If it gets really bad, sod it, I'll pay for 3G broadband...
>>How to block? Ask your ISP
>>By Anonymous Coward
>>Posted Friday 7th March 2008 18:02 GMT
>>Cant stop it with SSL since F5 supports SSL proxying (which breaks RFCs)
You can stop it using SSL, you would need copies of every Internet sites SSL Cert to proxy everyone's traffic. SSL proxying means the encryption-decryption for a connection to a webite is offloaded to the load balancer and then standard http requests go from the LB to the server.
This needs an intimate relationship between the certificate owner (website) and the load balancer owner, this is almost always the website owner, but occasionally the webhost. As the traffic has been decoded, the only hosts on the network behind the LB are the web farm servers for the website, so there is no security risk.
You can only decrypt https traffic using the cert of the website and client token.
I doubt that port 443 is forwarded to any part of the Phorm system as it is useless to them. They probably do Layer 4 first and only send port 80 to the first stage of their system to reduced load on the CPU expensive Layer 7 stages of their application, unless of course they want to read your email in which case they'll would be interested in 25,110 and 143 too ;-)
Once you start arsing about with the traffic, you can do anything. It's partially a state of mind, we all know email is stored as clear text and can be read by any Sysadmin with vi/nano/notepad, but our state of mind means we don't because it's not right, it's illegal. I suppose you could say that there's also too much too read in order to find the juicey stuff, unless of course you have a big load balanced system with lots of hardware and software, built to parse IP traffic/files for key words, and that's expensive so you would only be able to afford to put it in the top six or so ISPs.
Now, if it's illegal for a Sysadmin to read your email, how can Phorm be legal when they 'read' your webmail?
Ask Google to SSL enable their search site, then ask every web server on the Internet to install an SSL cert. We can be happy as no one can read our data stream, the hardware manufacturers will be happy selling new servers to handle the extra CPU needed during SSL session setup, but we will need an overnight switch to IPv6 as all the servers currently working on HTTP 1.1 host headers will need distinct IP addresses and there isn't enough IPv4.
@Secretgeek: http://www.webwise.com/how-it-works/faq.html
"If you regularly delete your cookies and want to ensure that Webwise is permanently switched off, simply add "www.webwise.net" to the Blocked Cookies settings in your browser."
@AC: "You can easily inject a cookie in to the web page when the data passes through a layer 7 device"
Yes, but you cannot read cookies that were not set for the domain being visited. When I visit El Reg, they have no way of knowing if I blocked cookies for webwise or not, they can only read any fake cookie they set for theregister.co.uk.
@Phorm tech team: "No URLs, browsing histories or IP addresses are retained and the raw data used to make the match is deleted in real time -- by the time the page loads."
You fail!
To check if I have a cookie set for webwise or not, the page must be returned to my browser with an injected iframe, image or some other resource that would cause my browser to request a webwise page, and thus either send the cookie or not. You cannot know that I am opted out by blocking webwise cookies until my browser makes that request. If my browser does not make that request, either through firewall rules, host file blocking or some other method, you cannot know at all. While waiting on that second request, the page *must be held in storage* (RAM still counts as storage) until you receive the request or allow it to timeout. If you don't wait to find out if they are opted out then you just created the digest for an opted out user, which in page 3 of this very article you say will not happen.
There are no global cookies, there are no methods for telling a server that you reject its cookies.
Of course, you could use faked redirect headers to send the browser to webwise or oix first (the addresses being handled internally of course) before checking for the cookie and redirecting again to the originally requested site, but if someone has taken the step of blocking all traffic to webwise or oix, you just broke their entire web browsing ability. If you redirect to oix.net/someinternalreference and they have oix.net set to go to 127.0.0.1, they will never receive the second redirection header and thus never get to the site they wanted.
If you want to know what we're viewing, go back to browser toolbars and actually pay us for our personal data. If you're not willing to pay the people you are exploiting, then get stuffed.
All the spin and bulls**t cannot mask the fact that you are facing an increasing number of intelligent, informed people who want nothing at all to do with your company.
You have failed to answer the simple question "What provision have you made for those who do not want *any* data passed to you?"
"Trust us, we've been ok'd by Ernst & Young" is a very weak appeal. E&Y are an accountancy house, not an independent and respected technical evaluation house. My views on accountancy houses (Arthur Andersen anyone?) aren't very polite or positive, so you'd better get someone more respected in to conduct an assessment.
If VM implement this, I'll drop them quicker than the ICC dropped Steve Bucknor.
Thumbs down because it's all spin and bulls**t
I get the feeling you don't fully understand what you're talking about. Yes, the routing infrasctructure can cause a cookie to be set, but it can't force the browser to transmit that given cookie back in subsequent page requests. The Phorm system relies on a cookie being stored on the client's web browser and that cookie will only be transmitted when visiting subdomains of the domin in which it was set. Phorm relies on this cookie to link a page request to a profile in order to serve targetted adverts. It will work for the targetted ads because they will all come from the OIX domain, but it won't work as an opt-out from profiling because the websites you visit aren't in the OIX domain so it would never see the cokie. Furthremore the highest domain you can set a cookie is one below the TLD, so it's impossible. Please, if you do question this again, have the courtessy not to post anonymously and read up on cookies first. I like to explain things but it makes it a lot easier if you don't posts anonymously...
Can we get in touch? I'm composing a piece about the very same thing you mentioned above re: cookies and could do with a reviewer. I'm a bit paranoid about tech team so I would ask that if you do take me up on this you include some unqique random phrase in your email to me then blog that same phrase afterwards on this forum.
How can you trust me? Well check my earlier posts and email me privacy [dot] watch /at/ gmail /point/ com
As well as confirming it'll be opt-in, they seem to have realised the weakness of Phorm's cookie-based opt out:
"We had a meeting yesterday and based on customer opinion we decided to use a different method, yet to be decided, to split the traffic so it doesn't hit a WebWise server at all for those that opt out."
Excellent news - and kudos to TalkTalk for listening...
>>I get the feeling you don't fully understand what you're talking about.
Thank you, I think you're confused too.
>>Yes, the routing infrastructure can cause a cookie to be set, but it can't force >>the browser to transmit that given cookie back in subsequent page requests.
I never said that it could. You stated that "Phorm deny that anything is injected into the data stream." I replied "If your data stream passes though a Layer 7 device at you ISP, they _CAN_ write anything in to the cookie or page they want." I didn't say anything about making your browser send a cookie, or for that matter I didn't mention reading a cookie.
My posts have mainly concerned that they are reading _all_ the content of anything you view or post including personal any info. The only thing in the cookie that we know about is a number that they would like to be set once so that they track your interests.
>>The Phorm system relies on a cookie being stored on the client's web browser >>and that cookie will only be transmitted when visiting sub domains of the >>domain in which it was set. Phorm relies on this cookie to link a page request >>to a profile in order to serve targeted adverts. It will work for the targeted ads >>because they will all come from the OIX domain, but it won't work as an opt-out >>from profiling because the websites you visit aren't in the OIX domain so it >>would never see the cookie. Furthermore the highest domain you can set a >>cookie is one below the TLD, so it's impossible.
Yes, I agree how a cookie works, and that is why they need to see all your traffic, as until you visit a site that has one of their ads they won't have access to their cookie. When you do visit and OIX site, they will read the cookie lookup your ID up in their database and find that you have opted out; then the ad they send you will be generic and not targeted as you have no profile.
Before that time your browsing habits will build up the generic profile of what "people" are interested in and when they're interested in it, Phorm can then sell advertising such as (my guess) "In general Internet users have a greater interest in "celebrity" from 4:30pm until 7:30pm, so we can target your budget for your Magazine advertising during this time period, if you use another agency, a higher percentage of your budget will be wasted" K'Ching
>>Please, if you do question this again, have the courtesy not to post >>anonymously and read up on cookies first. I like to explain things but it makes >>it a lot easier if you don't posts anonymously...
I avoid personally identifiable data when possible, however you seem to be able to identify my posts, so I don't see the difference between Man Outraged and Anonymous.
Really? Or does that just mean that you still hijack the stream but don't attempt anything intrusive afterwards? I'd bet 2 years worth of my pay on the second one.
@ tech team and subsequent Phorm interventions: OK, so right now you carefully filter the stream and don't keep data for a very long time. Still:
- what tells us that the rules won't silently change as soon as the hardware is in place? (actually, I know, and you know also, that they are going to change at some point. That is unavoidable. And we have to believe that you won't misuse that. Without being legally bound... Potential tons of money+no regulation=trouble for the user)
- user-targeted ads make it easier for an "advertiser" to place targeted malicious ads. Which is a very bad thing and is far, far far more dangerous for non tech-savvy users than the allegedly "anti-phishing" utility (which, by the way can't be anywhere near efficient if it works the way you describe. How would blocking "known phishing sites" work? Do you have the beginning of a clue on how phishing works in the real world? E-mails, compromised legacy sites, transient redirection to constantly moving forged sites, ... heck, even https streams sometimes, which you said you didn't read!)
-as stated repetedly here (strange, you seem not to be willing to adress the problem in your answers), even assuming that you will behave, you're adding a very heavy threat: any vulnerability in your system would allow hackers to get the complete data streams of a good half of the population. And you're seing that happening, aren't you. Your statement that "we are not processing the data, the ISP is, as our hardware will be in the ISP's facilities" (roughtly) is only you trying to put all the liability on the ISP... clever... even if YOU will probably maintain the hardware and software...
As a conclusion: you're -at best- just putting everyone at risk (assuming you stick to the "good resolutions" you exposed here and don't shaft everyone by yourself in the first place, which remains to be demonstrated).
I vote death.
Exactly. I went on the Phorm "web chat" last night and asked for them to explain how they were going to get my browser to send a phorm cookie when I wasn't requesting a resource under the phorm domain - no surprise that they DIDN'T ANSWER THAT ONE!
What would be really useful here is an architecture diagram showing ISP hardware (perhaps in green) and Phorm hardware (in red) and numbered arrows indicating the sequence and flow of data through the system. I asked for as much on the chat last night - and it was promised - but instead we go to www.webwise.com and see a video of some fat woman bleating on about how great targeted advertising is.
The following entirely my own opinion, as an Information Technology professional:
'When you actually poll people and you say to them "what are the things that irritate you most about the internet?" they'll say two things: being bombarded with the amount of irrelevant advertising, and online dangers.'
Bollocks. The sheer amount of advertising, not relevance of the advertising, is the issue. I don't need a spyware purveyor to be my nanny, thanks, I can choose which Web sites to visit and which to ignore. Anything with more than three thigns I recognize as "advertising" go on my ignore list. I'm usre other people have higher (and lower) thresholds.
"I think that most sites in due course will show less advertising."
How long is "in due course?" A year? A decade? A century? Duping people into understanding what you *want* them to take away from your statements, without telling outright lies, is a fine art, and it looks like Phorm is very good at that.
'Because our privacy is better. It has got an on/off switch. There's a place consumers can go and say "off". They can't do that right now.'
This one, however, is an outright lie. The hosts file is readily available to every Internet user, and by adding Phorm's DNS hijacker to the hosts file published by MVPS.org, every Internet user can permanently opt-out of Phorm's spying.
'Look, if we had anything to hide we wouldn't invite you in here. We'd give you some bullshit statement saying "no comment"'
No, you'd use the old standby of misdirection. I've been a stage magician; I know how it's done.
"here are options in Firefox and IE that do that already.
KE: I know, but how many people do you think actually use that?"
Millions, apparently.
"This is a way of helping people who aren't necessarily tech-savvy."
From a tech-savvy point of view, this is a way of collecting data to which Phorm has no legal right from people who don't know they're giving it up.
"If people come away from this interview thinking we're these slimy people, then we can't make an impact."
No impact, then.
And here's why I think they're slimy:
"It'll be automatically switched on then?
KE: The conversation over opt-in/opt-out is blurred by the one about transparency. They want to always be aware about whether something is on or off.
So we're going to do something unprecedented, and you'll never see this anywhere. Which is, as they continue to browse periodically you're going to see in an ad space "Webwise is on" or "Webwise is off","
So they *are* going to detect the cookie, and they *are* going to react to it, *EVEN* *IF* *THE* *USER* *HAS* *OPTED* *OUT*. And frankly, that alone tells me that Phorm cannot be trusted to not collect the data, and cannot be trusted to install their server without a back door into it. Honestly, anyone who's ever had a server in a remote data center knows that only an idiot would put it there if there was no way to access it remotely.
In summary, I trust these guys about as far as I can throw Scotland.
Some of the things that phorm will be intercepting and harvesting,whether or not they do not retain them in the long term :
Webmail,
usernames and passwords,
forum posts and website comments that you make.
I write web applications for small businesses.They often contain confidential information of various sorts that is not available to those without login credentials.
We need some informed legal opinions about the applicability of Data Protection Laws.
If I as a website owner have gained the trust of an advertiser to advertise their wares on MY site, and they pay me for that advertising, who gives PHORM the right to change those adverts because they think they are not appropriate for my users? Is PHORM going to refund my advertiser because the advertising was not relevant for the viewer on my site? I don't think so.
I think every web hoster and advertiser partnership would take a very dim view of this.
I have to give these guys props for talking to El Reg and talking on the skeptics directly.
They state plainly that they are not storing personal information. They also imply that it can not be easily associated with a particular individual. This is almost certainly deception through omission. It's more or less trivial to associate it with a user at a later date, if this is what you want.
Their intentions seem good. What if their intentions change, or are changed for them?
It looks like they had finally admitted that BT were trialing the service in July of last year, this being against the BT privacy policy.
What wasn't raised during the interview was what exactly the database servers in china would be storing
From the interview I read it as PHORM won't clickstream your data but BT might, given that it looks like BT were less than open about the last summers activities its Ernst Stavro Blofeld's cats all round.
This is supposed to protect the less techincally able? LOL they are the only ones who will still be using these ISPs.
Sign the Gordon Brown petition and lets protect the noobs
http://petitions.pm.gov.uk/ispphorm/
Just realised with a google search of "phorm" and "tech team" I can easily find all the other outpourings of grief that someone has the audacity to propose tapping all our webstreams. Nice work tech team for tagging them so neatly!
@AC re: re: *you just don't get it* - you can be anonymous and still have an identity that gives the courtessy to other users to see what else you've had to say on this topic but hides it from your boss. Of course it's your right not to, and I wouldn't be beating you up on it if you at least check your facts before you acuse others of having their facts wrong. I took the time to explain your mistake to you now grow up.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
