By John J Kelly
Although I don’t necessarily think that Norman Lamont joining the board of Phorm is particularly sinister, thanks to Bad Idea for highlighting the activities of this interesting adware company. I personally have no problem with advertising-supported sites, provided they are upfront and there is a clear ‘opt-out’ option, but most adware is pernicious and far from transparent. In its most extreme form, which appears to be the business model proposed by Phorm and others, including, dare I suggest, established mom and pop sites such as Amazon and Google, internet user ‘profiles’ are established by aggregating and analysing browser usage, and internet users are then ‘targeted’ by email with blandishments to buy and view ‘complementary’ products. In essence, this is no more sinister than traditional direct marketing, where a list broker sells names and addresses of buyers of one type of magazine, for example, to another magazine publisher to canvas subscribers. The difference comes when an internet user is unaware or only partly aware that their browsing and viewing patterns are being saved and stored for sale to third parties. It becomes very worrying if data relating to searches made, for example, on muscle cars was accessed by an insurance company as part of their risk assessment profile of a claimant or customer.
While I don’t think Phorm should necessarily be singled out, the trend towards profiling is at least as worrying as government snooping activities related to the Utopian notion of the Panopticon State’s benevolent gaze, if not more so, because commercial organisations stand a much better chance of getting the enabling technology right, leaving them in a wonderful position to use the data to wreak havoc with unsuspecting folks’ lives. Simply because I know it works, Thus recommends viewing our site with the Firefox browser, which you can download for free and configure to clear all your data after every session. Firefox is an open-source package (but is actually supported financially because it uses Google as its search engine). If you don’t have spyware protection on your computer, you should, but it’s worthwhile making sure that the anti-spyware package really works. PC users suffer more than us smug MacUsers, so I can’t recommend a package, except to say that McAfee, Norton and Symantec have been around a long time. That much said, is recommending them a sort of example of adware in itself?
So far nobody has offered, but as and when a sinister mega-corporation offers to sponsor this site, I willtake their cash, provided they advise visitors of their involvement by means of lots of garish, conspicuous banners and gratuitous advertisements, hopefully featuring scantily-clad girls smoking and drinking, admiring firearms and playing card games. I doubt that this will happen, since I am obviously the wrong profile and so are you, probably, or you wouldn’t be looking at this site. I’m happy to consider offers of sponsorship from beard-stroking retired conspiracy theorists with a poetical agenda. I’m not prepared to compromise on the smoking, gun-toting card-sharking girls bit, however.
12 Comments
A friend of mine just emailed me one of your articles from a while back. I read that one a few more. Really enjoy your blog. Thanks
i am no sure you understand the phorm / webwise process
unlike traditional user tracking which relies on cookies that are tracked across sites in an advertising network (2o7, googleads etc) phorm analyses ALL of your unecrpted http(port 80) traffic and assigns you a unique ID (UID), this is like a single tracking cookie used by all ad networks combined
all unecrpted pages are scanned, all search terms in url’s are scanned to add what you are looking for into the pot, you no longer have direct access to the internet, everything you do on a phormed ISP is watched and used to target adverts at you
also unlike normal browsing if you choose to use different nic’s (usernames) on different forums etc you can choose who can join any together, this UID is global and very privacy invading. NOT privacy enhancing as PHORM claim
the UID can leak very easilly if a site moves from a standard port 80 to any other port, 443(ssl), 81 used by some to bypass transparent proxies etc
the UK information commisioner said back in march 2008 the phorm / webwise model “had to be opt-in” to have a chance of complying with UK/EU privacy laws
it was admitted by hugo drayton in an advertising conference the other week that the anti-phishing features of phorm / webwise was no better than that in current browsers or provided by google, so the benefit of the service is minimal
phorm also only talk about phorm / webwise from the end user perspective, they ignore the web master side, where sites commonly state in the terms of use, content is restricted by copyright and content is not to be used for commercial gain, phorm / webwise break both of these by making a copy (mirroring the page in the profiler), making a derivative work (analysing the page and creating a list of the 10 most common terms on the page) then using that information for commercial gain (using the datadigest provide paid for advertising, with no compensation to a website unless part of the OIX ad network)
phorm alter any cookies dropped by a website by adding your UID to the cookie, if no cookies are dropped by the site phorm mascarade as the site to drop a first party cookie in the sites name, regardless of the sites privacy policy on cookies
phorm say they honour robot.txt entries to block major search engine, but they refuse to allow webmaster the right to be indexed by google etc but not scraped by phorm / webwise, and nobody can verify what phorm / webwise are doing as due to it working on an offline copy of the page, there are no entries in a websites audit log, so the process is not transparent or verifiable to a webmaster. the only option left to webmasters is to block entire IP ranges of PHORMed ISP’s
over 19,000 people have signed an online petition against phorm at http://petitions.number10.gov.uk/ispphorm/
finally the opt-out is not an option, as even when opted-out all of your traffic still goes via the profiler and is potential used to create a list of common terms used to price words and search terms for advertising
peter
Presumably you get some sort of mass mailings in your snail mail letter box, most of which are of no interest to you whatsoever. Now imagine that the postman is going to open and read *every* letter you receive which is not marked Private and Confidential. Based on what he finds in that correspondence he will deliver you additional advertising based on what he perceives to be your interests. Would you be happy with that?
What Phorm do is exactly the same – they intercept *every* webpage you visit (not just the web pages in their advertising network) to determine your interests. That is why it is not acceptable.
BTW: Their opt out is a fig leaf, all you browsing goes through their boxes, they just don’t store the results.
Unfortunately Phorm is using direct “Wiretap” Technology on the ISP Level 7 Switch http port 80, therefore any blocking Technology or Security Software on a PC is REDUNDANT!
The Profiler can & does “mirror” all the data on http(80) from BOTH the Website & the User!
Phorm’s ‘Webwise’ is currently being trialled in the UK by BT.
In a nutshell, the reason that Phorm’s ‘Webwise’ product is singled out is because if one’s ISP partners with it, there’s no ‘effective’ opt-out, and for the websites that you surf to, the content is effectivly harvested and distilled so that the surfer can receive ‘targetted adverts’ based on what they’ve been on the net.
The implications are two-fold. Firstly, for the surfer, their internet connection is intercepted and routed through Phorm’s Webwise. There are privacy issues as thier browsing habits and data are being profiled regardless of whether they opt-out or not. The only way to opt-out of Phorm’s ‘Webwise’ is to change to an ISP that does not partner with Phorm.
Secondly, for websites, their content, that is their copywrited material is being illegally copied by Phorm’s Webwise product.
Don’t forget that Webwise is just another iteration of the adware/malware that this company has been pumping out for years. Today, they are called Phorm but they used to be called 121Media. Their ‘presence’ is in detection by the ‘respected’ anti-virus products from Symantec and the other major anti-virus providers. What does that tell you?
Regarding Google and Amazon, they can easily be avoided by not surfing to those sites. Its just not possible to avoid malware that’s installed up-stream within your ISP without changing your ISP.
Here are a few reasons why you clearly do not understand the subject you have written about:
It may come as a surprise, but legislation (and the Home Office) states that this form of technology must be OPT-IN, i.e. you giva a clear choice to be involved.
It does not matter which browser you use, if you are opted into webwise you will be profiled and served the adverts. If you are a website owner you are open to copyright theft from the Phorm technology.
If you believe that anti-spyware is a protection against Webwise then I suggest you seriously need to read up about Phorm and their ISP based Webwise technology.
If you wish to know and understand more about Phorm and Webwise the following are a good starting point:
http://www.inphormationdesk.org
http://www.nodpi.org
I think you need to do a bit of research on Phorm and Webwise.
1 – the objections to Phorm and Webwise are not based on the fact that it is adware – there is plenty of adware around. If Phorm were just adware we would not like it but we wouldn’t be protesting against it – just blocking it!
2 – it cannot be kept at bay with anti-adware or security suites or Firefox browser. In fact if you try and block the domains associated with Webwise/Phorm, (using a HOSTS file) and your ISP switches it on, your browsing will simply “break” and you will get NO pages at all – because whether you consent or not – all your browsing requests will HAVE to go through the Webwise/Phorm domains, and if they are blocked, then so is all your browsing.
3 – the “sinister” bit is the fact that UNIQUELY it is implemented not by a 3rd party, but by the ISP, and involves interception of communications between the surfer and the internet at a very basic level, and this interception is done without consent, and without the option to opt-OUT or opt-in.
4 – the phorm end of the equation, is the channel selection and ad serving which is controlled by an opt-in/out mechanism. But the system starts with the ISP, and there is NO choice.
5 – the first the consumer knows is when they try and use their browser to get to a website, and their ISP, without consent and contrary to legislation about interception, hijacks their connection, diverts their browser and serves up instead of the page they were looking for, an invitation to join Webwise.
Whether they accept or decline that invitation, from that point on, their browsing is being intercepted, redirected and profiled by their ISP, whether they like it or not. There is no way out.
They only have the option of whether they want the “ad-serving” switched on or not. They cannot control the interception/hijacking side of things. This is what makes it illegal under UK law.
The only way you can block Phorm and its nasty deep packet instpection system is by adding the domains to your hosts file. That then stops you from accessing anything on the internet if your ISP has decided to make your data available to Phorm before you yourself get to see the site you hoped to see.
It is nothing like any of the other tracking and profiling systems out there. No browser or adware blocker out there has so far agreed to block the necessary domains because doing so will prevent your being able to access the internet.
Maybe you should rewrite your article? – and then I can help you with a list of books you can get free from the library to help you with your smoke and guns.
You’re all right, guys – I don’t fully understand Phorm or adware, except that I had the feeling it was a tad invasive and nasty. All your comments are deeply instructive and helpful and I’d hugely welcome a sensible article or ten on this very important subject (as opposed to my playful provocations).
I particularly appreciate the advice on Spyware detection packages, but as a Mac user, am genuinely unfamiliar with what works or doesn’t in the Vista/Windows/Linux environments. A good, objective piece would be appreciated, as would a reading list.
Thanks and deep respect, John
A good technical analysis can be found at:
http://www.lightbluetouchpaper.org/?s=Phorm
Start with the eldest entry first, i.e. the link at the bottom.
John – glad to have helped with your education. The wikipedia article on Phorm is quite instructive.
It is not a matter of being on a Mac or any other PC system. If the intercept is happening at the ISP level then you are 100% being intercepted and there is no way to opt out other than to change ISP or stop using the internet.
For more information on how the system works you can read through
http://www.phonecallsuk.co.uk/bt-webwise.html
which also links to some technical articles (PDFs) which cover the technical and legal aspects in the UK.
There is a lot of information out there. The big problem is that ALL the low cost, popular ISPs want to make more money out of their customers and they see this as the easy way forward. The first real attack on net neutrality and all because the cheap, low quality ISPs are selling bandwidth below cost and their previous overselling without investment policies have suddenly caught up with them.
Glad that you are being inphormed John, and by people who know what they are talking about.
Maybe the title should now read:
“Cookies and cream and why you should choose your ISP with care”
By the way the ICO doesn’t seem to care a toss about enforcing a strict opt-in policy. What’s more, I have the right to put whatever I wish in my HOSTS file – I choose what to block. BT, or any ISP, has no right, without writing it into the contract when I sign up and making it very clear that it is there, to prevent normal internet activity if I include webwise.net in the HOSTS file, or any other URL.
Miles
2 Trackbacks
[...] unknown wrote an interesting post today onTHUS – because it does not have to be that wayHere’s a quick excerptIn essence, this is no more sinister than traditional direct marketing, where a list broker sells names and addresses of buyers of one type of magazine, for example, to another magazine publisher to canvas subscribers. … [...]
[...] response to the excellent comments posted following my piece about browsers and spyware, I need to point out that the problem goes much deeper than browser technology. Internet Service [...]