For once...
...they've done something reasonable - big hand for the Wikians
The Wikimedia Foundation has asked Phorm to exclude all its domains and websites - including Wikipedia - from Phorm's BT trials, because it considers such scanning to be an infringement of its users' privacy. Phorm's automated reply said it was likely the ban would go into effect within 48 hours. Earlier this week Amazon took …
Isn't this our anti-phorm answer? Don't we just encourage EVERYBODY to have their domains excluded? We can start petitions with leading sites (starting with the tech ones like ElReg and then move to the traffic monsters like BBC, etc) to convince them to apply to be excluded from Phorm to the point that their service has such low coverage that it becomes pointless?
I've looked around the Phorm website to exclude my own sites and can't see an obvious "exclude my website from your illegal service" option. Where's the link?
Submit our URLs to be excluded. If everyone submits their favorite domain via an automated system then very quickly it will become unmanagable... and once it is discovered Phorm ignore the request, then the time in courts will come.
Of course it goes without saying that all El-Reg domains will be excluded. Perhaps someone should register the 'freefromphorm.net' and 'freefromphorm.com' addresses - and offer services like webmail and proxy browser sessions.
The ORG are complete simpletons, wiki and Amazon along with them. All they are doing is legitimising phorm and the unreasonable steps they are requiring to opt out.
It wont be possible to verify that their pages are not being scanned, their content will still pass through phorm's boxes in any case and their cookies will still be tampered with/their domains spoofed or the system would not work at all.
Do they REALLY trust the word of Kent and his bunch of spyware vendors? Cos I sure don't.
...if someone were to, say, over a period of time (say one message per second, until finished), send one email to them, for every domain name registered on the internet? That would give them some work to think about, huh? ;)
(and because they are dodgy types, you wouldn't trust them with your *real* email address or details, only a made-up one (unique per email?), sent from a spoofed IP address via an open relay (purely, to protect yourself from them, of course... ;) ))
Just a thought.
We have the same issue here as people opting out have: We still have to take their word for it that our traffic goes nowhere near their insidious L7 inspection boxes. Make no mistake, this is what we want, a verifiable opt-out which means our traffic goes nowhere near that cesspool of privacy fail. We (and the Phorm-stricken punters) just aren't getting what we want.
And what's this "request" bollocks? DEMAND, not request. I ORDER you shits, with whom I have no contractual relationship whatsoever and an expectation of privacy with regards to my personal communications, not to route MY traffic anywhere NEAR your layer 7 spyware crap. That, and ONLY that is good enough.
Email: website-exclusion@phorm.com
Giving a list of all your domains and stating that they are to be excluded from the phorm system and scan.
You'll get an auto response giving the 48 hour line, in my case back in November it took them 5 days to respond to say that they had been excluded.
Interestingly it said in the auto response it said.
'If there are no obvious grounds to doubt the legitimacy of the request the URL will be blocked as soon as possible, usually within 48 hours'
Yet all my domains are set to private so no information proving that they belonged to me would show on a whois.
Website owners may implement any of the following methods:
1. HTTPS: No HTTPS traffic passes through the system or is profiled
2. Standard HTTP password-protection : Pages protected using standard HTTP password protection, as defined by RFC 1945, will not be profiled
3. robots.txt: The Webwise system will observe the rules that a website sets for major search engines using the robots.txt method. If the website's robots.txt file is set such that "*" (any robot) is not permitted to crawl it, then Webwise will not profile its pages.
Alternatively, you may request specifically that your website is not scanned by Webwise. To request that your website not be scanned by Webwise, please email:
website-exclusion{at}webwise.com.
I agree - ignore their opt-out process, otherwise you are legitimising it.
Just stick legal notices on your websites to exclude such interception/profiling and then there is no doubt whatsoever that it's illegal. At present they can carry on pretending it's legal, if you xclude it in your usage terms then there's no doubt that it isn't.
....so I'll leave it to my old friend, the Laughing Dog.
Take it away.....
ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!
ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!
ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!
ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!
ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!
Details for stopping Phorm can be found here:
http://www2.bt.com/static/i/btretail/webwise/help.html#how-do-i-prevent-webwise-from-scanning-my-site
I think the bit about using robots.txt is interesting. They are essentially saying, "If we can't spider, then nor can anybody else."
The problem is that we have no way delegitimising Phorm because of the way the authorities have reacted ("la la, I'm not listening, la la")
So the only way we have of "fighting back" is to make it that the major information sites that people go to are not scraped by phorm and so their user profiling and thus advert delivery system just doesn't give that targeted advert response. If the targeting doesn't work then the advertisers will walk away and the money will dry up.
Of course I don't trust Kent and his slimy cronies and lets face it having Lamont on their board really says it all about the sort of unpleasant people they are.
"Website owners may implement any of the following methods:"
They may also implement the following method:
Place a notice on their website explicitly forbidding the interception of data from the site for advertising purposes. Then you're covered for any snooping outfit, not just Phorm.
Why should website owners have to opt out, any more than ISP customers? If Phorm's business model works, there'll be dozens of these parasites to deal with.
In any case, didn't early opt-outers find that a Phorm spider promptly catalogued their site as part of the opt-out process? Phorm will still be using data from your site to deliver advertising on behalf of your competitors, it'll just be out of date data.
If Google and Microsoft opt out Phorm will be nerfed. My homepage is Google, as are many of my customers and or MSN. If Phorm isn't opted out of a customers PC, just by profiling their home pages they'll be breaking the agreement, and whilst Phorm/BT may have British politicians in their pockets, they will be crushed by Google and MS. Hopefully.
The news just gets better and better. Smiley for hope.
From what I know about Phorm, a lot of the problems are caused by it reading where you're going and logging that data, so even without scanning web sites it's going to be able to figure a lot about you. Just URL alone will help for keywords (like Google does).
As for blocking the webwise system, what'd be useful is to know the IP ranges of the bots esp as their robots.txt knowledge seems to be essentially zilch, ie: not offering a user agent. Wonder what user agent they're going to use, eg: fake it?
As a sidenote -,interesting to see they're trying to sell this as an anti-phishing system as well as advertising tracking. Can't imagine how that'll work, and there are so many better systems out there that we don't need another faked one. Oh well - hopefully they'll get closed down by the EU.
3. robots.txt: The Webwise system will observe the rules that a website sets for major search engines using the robots.txt method. If the website's robots.txt file is set such that "*" (any robot) is not permitted to crawl it, then Webwise will not profile its pages.
nice try, what you mean is if we block google as well you wont spider us.
' Details for stopping Phorm can be found here:
http://www2.bt.com/static/i/btretail/webwise/help.html#how-do-i-prevent-webwise-from-scanning-my-site
I think the bit about using robots.txt is interesting. They are essentially saying, "If we can't spider, then nor can anybody else." '
Indeed! Little shits! I WANT Googlebot to index my sites = I DON'T WANT Phorm profiling my sites!
Phorm is gunning for you. Either they want to grab your visitors data (all of your visitors keystrokes as well as the pages they are visiting) or pressure you into advertising with them otherwise "You'll be left out."
Go to HTTPS pages now. With up to date procedures your customers won't notice. If you do a site layout change and introduce new products after the change which a Phorm sign up targets that would suggest they have scraped your site anyway. Class action suit time.
As a shopper I want choice and the ability to do comparison shopping. I want a site which loads fast. I don't want some re-branded malware company snooping my data (which if I buy will include my bank or credit account details) which will be passed on to who-knows-who and sent to who-knows-where.
I am not Phorm's customer. You are. Unless you tell them to get lost.
Thumbs up as i welcome Wikpedia's ban.
When they are trying to sell this service to advertisers they obviously need to convince them that the targetting is accurate. However the traffic they see will only be identified by the source IP which will be the address of the firewall between the private network and the interenet. So at my house there will be three completelty different people with differing interests. If they hit my wife with adverts for cycling gear it will be wasted, or how about me with Thomas the Tank engine, or my son with card making stuff? That probably means that two thirds of their targetted ads will hit the wrong target. And if that wasn't bad enough how about those browsing from a corporate network? How long before potential advertisers figure out that their "targetted" advertising is more scattergun advertising?
The there's the whole issue of all commercial sites who don't advertise with Phorm opting out, which of course they will because they don't want Phorm hitting their clients with adverts for the competition.
Have they got anything that is, or could be, patented? If not and their service gets the legal green light then no doubt the big boys (OK, google) will step in and undercut them and they'll be out of business in no time.
The more you look at this the more you realise their business model is flawed at all levels.
I have sent an email to Google highlighting my concerns about Phorm/webwise abusing the robots.txt system which Google not only respects, but also depends on for quality search results.
Perhaps everyone should do the same?
Along with the other more obvious concerns, it may go some way in encouraging the Google folk to make a stand.