Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Simon,

I wonder if we used a real world example to highlight why they cannot assume implied consent? For example autosport.com run a lot of normal news items which are readable by the public however you have to pay a subscription to read their more involved articles. The following is a link on autosports front page but when you follow it you are prompted to log in to read the entire article.

http://www.autosport.com/journal/article.php/id/1623

Google will not be allowed to view the content of these subscription articles as they have taken sufficient steps to prevent the article being generally available to the public. You have to log in with your account to view the article and notice that the authentication is not using the HTTP authentication that phorm say they will ignore.

Webwise/Phorm will still profile the content even when you QUITE CLEARLY cannot assume "implied consent".

This is just one example, how many other websites use how many different methods to protect their content? Some will use cookies to authenticate their users (like this forum) some will use server side sessions instead of cookies (this would be my personal choice), some may even use something as primitive as including something in the html code to identify the current user.

The point is that there is no standard way to protect content, it is impossible for them to say that they will recognise every single way people have protected their web pages and therefore cannot assume that they have implied consent.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Anyone know when Steve Gibson`s podcast on phorm will be available.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Well - set up a phishing trap and follow up all the phishing emails you get. Shouldn't take too long. I have a heavily spammed account I can check every now and again for my HBOS/A&L/Lloyds/Nationwide phishing emails.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

That is a very good point and one I had not thought of. Phishing sites using SSL will not be detected by webwise. That is one HUGE hole in their most argued point about protecting users against phishing attacks.

Well spotted!

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

has the PIA gone MIA ?

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

It was recorded yesterday and will be available on Thursday and I thoroughly enjoyed it, first half had me laughing out loud (great for old school geeks) and the second half was entirely on Phorm and he covered pretty much all of the technical points.

Shame you guys don't get to listen to it til Thursday :PP:

Alexander Hanff

---------- Post added at 11:28 ---------- Previous post was at 11:26 ----------

As I said last week Simon Davies is out of the country for the next couple of weeks, so it will be some time now before it raises it's head.

Alexander Hanff

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Thanks Alex, should be a good listen.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

From: Steve Gibson <news07_@_grc.com>
Newsgroups: grc.securitynow

High Quality - 51,224,683 bytes
http://media.grc.com/sn/sn-151-.mp3

Low Quality - 12,824,812 bytes
http://media.grc.com/sn/sn-151-lq.mp3

--
Available now on his own servers.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Just to go slightly OT for a moment. Saw this on the BBC website:

Virgin rapped on broadband speeds

Just love this bit:
Talk about pot... kettle... black!

OB

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Has anybody actually asked Phorm if their anti-phishing protection only does http:// ? I know they don't profile https:// but there is nothing to say that the anti-phishing, largely done on urls, does not. We shouldn't jump to conclusions.

But I would still have far more confidence in my browser in-built anti-phishing than Phorm's variant. They refuse to say which external databases they are using, most others are quite happy to state this.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

I'm certain that Webwise will warn of both http and https phishing sites. I have asked them to confirm this though.
Remember Phorm are a sponsoring member of the AWG http://www.antiphishing.org/sponsors.html and would not be daft enough to offer something that did not cope with a large proportion of phishing attacks.

Also remember that their anti-phishing will not need you to download updates of known sites like most of the norton's etc do, so will be much more up-to-date. So a much better, and free offering than that currently available.
You see - Phorm is simply the best :-)

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

As far as I am aware it won't be possible to check https url's for phisihing attacks. The first step in the process before any URL is sent is to establish the secure connection with the server, only then is the request sent at which point it is not possible to read the request (unless they have huge computers which will break all of the encryption). The only way they could check it is to intercept the https request and present an intermediate certificate which would cause alerts in your browser indicating a "man in the middle attack".

The only information they can glean is the ip address however to black list an ip address could black list a large number of other sites that would be running on the same server.

---------- Post added at 12:00 ---------- Previous post was at 11:56 ----------

Antivirus software and browsers (that already provide this protection and CAN check https url's) automatically download the latest phising site lists without any intervention from the user.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

McAfee Site Advisor doesn't download a list at all; it submits the url once entered and compares it with a central database - which also means it is more up to date than a copy kept on a client machine so Webwise doesn't have any advantage over this free product either. Furthermore it scores domains on features other than just phishing - it will flag up sites that have suspicious downloads on offer (trojans and the like), sites that use browser exploits, will flag up spammy domains, or will even flag up domains for being associated with other flagged parts of the web. Those are features WebWise does not boast, despite being able to "see all of the internet".

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

[QUOTE=HamsterWheel;34589883]I'm certain that Webwise will warn of both http and https phishing sites. I have asked them to confirm this though.
Remember Phorm are a sponsoring member of the AWG http://www.antiphishing.org/sponsors.html and would not be daft enough to offer something that did not cope with a large proportion of phishing attacks.

Dave Jevans, Chairman of the APWG, sent me an email saying this about Phorm: 'I don't like the categorization that its an "anti phishing solution".'

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

I just did a quick search for some information to confirm the SSL connection process and found this.

http://publib.boulder.ibm.com/infoce...5/s5sslsf.html

Notice that at step 6 where the data exchange occurs (the sending and receiving of requests and data) that the encrypted tunnel is already established.