Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

I got webwise is switched On.

No cookies set, which is not surprising as i have webwise cookies blocked.http://img246.imageshack.us/img246/8399/thumbsup4kk.gif

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

It isn't setting cookies at the moment, just rotating between the various on/off/not enabled pages.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

I am with VM and i get presented with:

You Can Choose
Webwise is currently not enabled by your ISP

No cookies set.
However visiting http://www.webwise.com/privacy/opt/out.html sets a cookie as before:

OPTED_OUT
YES
webwise.net/
1024
3600677760
30081815
47305360
29934965
*

privacy/can-choose-on.html and privacy/can-choose-off.html seem to be mirrors of
privacy/opt/in.html and privacy/opt/out.html but the latter have less text.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Hi, Yes I am getting exactly the same to!

Dave (thejag)

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

After watching that video, I noted several times the phrase 'webwise never knows where you have been'. Then, further on the video goes on to say 'user 123 has been to travel sites X or Y'. But I thought that 'webwise never knows where you have been'?. How then do you know I have been to website X or Y?

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

we should be opt out by default no cookie no phorm ad`s peroid

they really should buy them selfs out of the what ever they signed up for, as the model has to be opt in and breaks the one they thought they was going to get all in and hush hush.

no mention of VM but sadly thats not going to help them with the new capping limits not giving the customers the speed they paid for when they need it the most.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Phorm has more spin than a waltzer at the fair!
No! Lets say phorm are the spinning plates and BT are twiddling the sticks to keep them from falling.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

From the video:
Webwise...
"Click on any Ad and you can switch it on or off".

So how will that work, do they get paid a click through when you opt-out?

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Just a quick question..............is anyone trialing Phorm ? As it's got a lot of intrest

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Also note this on their privacy page (http://www.webwise.com/privacy/best-privacy.html)

We will protect your privacy and any information that can identify you personally.

We will never collect or store any personally-identifiable information about you. We will not store IP addresses, URLs or search terms, or anything sensitive, and we have established industry-leading standards regarding storage, retention and deletion of data.

Followed by...

We will protect all data.

We keep all data secure on our servers taking all possible steps to ensure that the data collected is protected and that access to it is limited to employees with the need to review such information.

So they don't collect any data but they ensure the data they collect is secure. I appreciate they only mention PII in the first quote, but if that was the case what data would need to be secured?

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

The site appears to be down?

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Phorm claim (in advertiser oriented promotions) that they know what you were doing 3 days ago (looking at ads for a certain Canon camera model)

---------- Post added at 15:04 ---------- Previous post was at 15:00 ----------

Reply from Don Foster MP (signatory to Early Day Motion in Commons)

I've had a reply from my MP Annette Brook (LD) one of the EDM signatories, with Don Foster's response to my concerns (Don Foster MP is the intiator of the EDM). It does not make for happy reading.

He has met Phorm, and appears to have been given their standard talk, and believed it.

the points where he appears to have been effectively misled are:

1 - non https email. "There is no suggestion that Phorm would be able to scan individual emails for content because the system does not monitor `https' URLs which are used for secure access websites". This is sufficient for Don Foster to then go on and say "Ths should mean that it is unable to collect any personally idenfiable data". Again - serious lack of understanding of the system evident here.

This ignores the issue of the many non-https mail sites, security issues relating to the cookies, data handling by BT Webwise sites, and the issue of interception of Phorm UID by 3rd party websites.

2 - He appears not to be familiar with Dr Clayton's analysis as he says, "I am confident that currently and in the future, Phorm poses no risk to individuals' privacy and security".

3 - He makes absolutely no reference to webmasters intellectual property rights and the lack of webmaster explicit informed consent.

He has concerns about the previous tests and seems to confine his concerrn to the potential illegality of BT's 2006 and 2007 trials.

He states that - "the tests put the trust between BT and their customers at risk". You bet it does.

He states that he has met with BT and urged them to consult their customers before any further tests take place and to use an opt-in system. Presumably the closed Q&A thread on the BT beta forums represents this consultation - unfortunately the answers stopped coming as soon as the questions got difficult. He been "assured that this will be the case (opt-in) for any future tests or use of the service". Good, but even the ICO was saying that - just that BT have never confirmed up to now that they would abide by that. So - some progress.

He states that "there is no way of knowing whose data traffic was processed in these trials" (2006/2007). That will be news to those who already KNOW that they were included. He urges such people to "contact BT to discuss their experience." I would recommend those people who have evidence of being affected by the BT secret trials to contact Don Foster MP and relate what responses BT have given them, and what response they have had from the ICO. Don Foster has made his feelings (on the secret trials) "very clear to BT and hope that they will offer a full apology to all customers affected."

He has been informed by the ICO that "the ICO has ruled that the tests were technically legal". So presumably he does not agree with Nicholas Bohm of FIPR.

With regard to the website blacklist - he is informed by Phorm that "they have over 1000 known webmail websites on their blacklist." So that leaves one heck of a lot of the internet still to give or withold their explicit informed consent. No mention of all the other websites whose intellectual property is going to be copied, exploited and profiled. He has said he believes that "for the sake of transparency and accountability, Phorm should make public this blacklist. They have so far refused to do so, but I shall continue to pressure them on this."

He has no problems with the company Phorm, or what they do but does have problems with the way the product has been tested. He has had assurances from BT, Virgin Media and TalkTalk that the system will be opt-IN across the board, along with demonstrations to support that. Great - all they need to do now is communicate with their customers?

He concludes:
"I am convinced the technology is safe to use, and believe that there are sufficient systems in place to notify customers of Phorm and for customers to choose not to use this system."

I'm very dis-satisfied with that reply but note:

BT, Virgin Media and TalkTalk have committed to opt-in. Presumably BT can now confirm that to their customers? US?

Hope this sparks some further debate.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

BT News.

www.webwise.bt.com is back ... but

This time its the same IP as webwise.bt.com, and the same as bt.webwise.com, and the same as www.phorm.com, and the same as www.webwise.com.

Its located in the UK.

IP address is now 89.145.112.31, "PHORM IPV4 ASSIGNMENT". http://89.145.112.31 displays Phorm.com.

I've confirmed via netcraft.co.uk.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Looks that way to me to.

Note - the site is now fully repatriated - the Gyron host is UK.
All the sites use contact handling via custhelp.com and not Phorm/121Media

BUT - the fact that they have changed all this makes DPA reports to ICO about the way this BT Webwise site WAS operating well worth submitting - because it looks like BT have been caught napping and now have stopped what they have realised was dodgy practice (letting Phorm run BT webwise pages over in the States using non Safe Harbor companies, and even sending MORE PII data to Phorm/121Media through the old contact us pages.)

I've copied this info over on to BT Beta forums.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Has anyone pointed out to Phorm that the advice given on http://www.webwise.com/privacy/can-choose-ON.html to the question "I am having trouble keeping Webwise switched off. What should I do?" is incorrect. It should say "Change ISP".

Re: Virgin Media Ad Deal - Would you be opting out?
 

Hang on - I thought Phorm wasn't supposed to track you as an individual (he asked innocently :angel:)

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Don't forget oix. sites are also on those two IP addresses.
a.webwise. & b.webwise. are on slightly different IP addresses.

I don't know whether this is relevant or will become relevant but phorm.net is on a different IP address.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

I've emailed my MP back with a detailed explanation of why Don Foster's response is both inadequate, disappointing and politically weak. Anyone else willing to give him a prod too? I've told him about the demo and said he needs to meet opponents of Phorm and not just meet Phorm and BT.

---------- Post added at 19:02 ---------- Previous post was at 17:45 ----------

I've done some cookie checking today, and the two sites
webwise.bt.com
www.webwise.bt.com
both process the bt username cookie with the primary email address (appears in dephormation logs of visits to the contact.php pages)

The third bt.webwise.com site does not do this presumably because as a non bt.com site, it doesn't access the bt.com cookies.
The three sites are identical as regards content.
All use custhelp.com for their contact form handling (having mysteriously dumped the Phorm/121Media involvement in that process by last weekend)
So much for transparency on the part of BT.

Once again - it isn't what BT SAY but what they don't say, and what they do while they aren't saying it, that is revealing.

They have responded to exposure by repatriating the BT Webwise operation and by taking the data handling aspect of the BT Webwise contact pages from Phorm.com and giving it to their main Help agents custhelp.com

So anyone who wants to submit a DPA complaint about the old way those pages worked, who has emails with References: headers containing the string Phorm.com or 121Media.com or subject lines with FW in them, do complain to the ICO. He may ignore you, but all those ignored complaints eventually have to be accounted for to the EC. It's tedious but worth doing IMHO.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Is anyone else seeing display problems with this forum? I'm using the latest Opera and the page formating is massive

tia

hOrZa

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Indeed... its vitally important you do this because at some point the Information Commissioner may be replaced (fingers crossed) by someone more capable who will act against BT.

Pete.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

All fine here, Opera 9.27 and 9.50B2

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

For anyone with an interest, I've put up a report of last Tuesday's 10th Anniversary Public Meeting of the FIPR at http://www.inphormationdesk.org/FIPR10.pdf

It includes Richard Clayton's withering attack on behavioural advertising and some interesting comments from the Earl of Northesk, plus discussion of several other key issues.

---------- Post added at 20:53 ---------- Previous post was at 20:43 ----------

Also, I had the opportunity to have about two minutes' one-to-one chat with the Home Secretary this evening. She wasn't aware of what has been happening with the BT Trials and Phorm, and to be fair to her she has some weighty challenges on other issues. Nevertheless, she is now aware that something is going on, and that it is something to do with BT, privacy, the law and the integrity of the Internet.

I think that senior politicians will only start to take serious notice when it reaches the front pages of the papers. I have an idea about this, but it'll take several weeks to bring it to fruition - maybe in time for the BT AGM, who knows?

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

you know, it would be so much easyer if we could get the make and model of the DPI kit they are using, alongside the full PDF spec documents, so we could then give him the real deal on what this DPI kit CAN DO with a mear "set <intercept option> ON" at the remote CLI/shell.

failing that exact Phorm gifted model/model...,has anyone got links to the spec tech PDF's of the most common off the shelf Deep Packet Inspection kit in use today, that can help support the general eduction of what they CAN be made to do.

it also seems wise to keep a copy of that new FLV video for any county court small claim anyone might make later.

as happened with the so called bankcharges rush on the county courts, any largescale "small claim" ISP/Phorm/Webwise rush might also eventually have the lower courts move the cases into the higher courts.

and so get a meaningful ruling in case law on this interception/wiretapping for profit matter, without paying lots of high court costs, even if it takes time it might be werth considering at least.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Hi, New BT trial!

http://www.webuser.co.uk/news/255941.html

Dave

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Whacky Jacqui unaware?

No **** Sherlock, half the planet knows that.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

i get that it is not enable even it i click the button and i am on bt??

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

How many days is it

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Deleted (I bored myself :)).

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Thank you for this. One quote below I find interesting, somewhat worrying and I suspect very sound advice

"The Earl of Northesk observed that Freedom of Information requests were more effective than Parliamentary Questions."

---------- Post added at 21:58 ---------- Previous post was at 21:50 ----------

Hopefully, she might start to ask some questions.

Perhaps it needs to make those front pages as a Home Office issue, just to jog her memory!

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Yes, but before you deleted you made a good point. Most of the public, unless faced with simple facts and appropriate analogies to real life let their eyes glaze over when anything about computers is mentioned (I did detect a bit of that with Jacqui this evening). All they want to do is to use the Internet to do what they want to do. They don't want to - and shouldn't have to - know how it works. They should be able to trust companies like BT to do that for them.

Getting our message over to the public is our challenge. We're right, but Phorm and their ISPs are relying on it being too difficult or too technical for most normal users to understand or get concerned about the issues.

My aim with inphormationdesk has always been to provide a place where non-technical people can come to learn about what is going on. In that spirit I offer a page I'm working on and would be very grateful if people here could provide feedback. Are these the right points? Are they expressed in the right way? Have I missed any arguments or are any superfluous? Have I been too technical? (probably - I'll be working on this as well) and so on.


1. Webwise/Phorm is Illegal

To carry out the kinds of communications interceptions needed by Phorm, either a warrant has to be obtained or the parties at both ends have to give their permission. This is covered by the Regulation of Investigatory Powers Act 2000. In addition the data has to be kept private and not misused. The Data Protection Act 1998 and the Privacy and Electronic Communications (EC Directive) Regulations 2003 provide safeguards against this.

In the BT Trials in 2006 and 2007, consent was neither sought from nor granted by any of the tens of thousands of users affected. The trials flagrantly breached the Regulation of Investigatory Powers Act, and also the Privacy and Electronic Communications Regulations.

The basic principles of Phorm have not changed since then. It involves snooping. Even with user opt-in, website owners will not have given consent for the pages they serve to be intercepted and read. And whether their data is really private or secure is questionable.


2. Webwise/Phorm intrudes on Privacy

Most of us have nothing to hide. But we wouldn’t want a little man following us around all day, watching where we went and what we bought in shops, following us while we played sports or went to the gym, sitting in the corner of the pub listening to us, inspecting our post as it came through the front door, making a note of what clothes we were putting on, reading our books and newspapers over our shoulders and recording where we were going on holiday.

And that’s just what Phorm say they do. They’ll also read all your web-based email unless it’s on one of their recognised webmail services. There will be little they don’t know. The may bundle it all up and assign you to a demographic segment. But that cookie on your PC discloses your likes and dislikes, and it could be used to work out who you are.


3. Webwise/Phorm makes the Internet less secure

Webwise/Phorm operates by adding four message redirects to the way your data is handled by your Internet Service Provider. Webwise/Phorm also forges cookies on your PC which look as though they have come from the websites you have accessed.

This presents opportunities for abuse from within Internet Service Providers and Phorm itself, and more alarmingly from external hackers and fraudsters. Internet Service Providers using Phorm will be much more vulnerable to cyber-terrorist attacks. Ideas on how to compromise Phorm-based systems are already appearing on the Web.

For this reason, if Webwise/Phorm goes ahead many technically-aware people are considering moving to Internet Service Providers which have committed to not intercepting web traffic in this way.



4. Webwise/Phorm may compromise the Internet’s integrity

In the BT Trials of Webwise/Phorm in 2007, messages from users to websites were actually altered by the Phorm system. Phorm offers the opportunity not just for tailoring the advertisements you see, but also what you see on the web.

While Phorm will only be used initially for tailoring advertisements, it opens up many opportunities for interference with the operation of the Internet. How will you know who you are communicating with when your message can be modified by your Internet Service Provider? How will you know that what you are reading on a website is what the website owner wants you to see, or what your ISP and Phorm want you to see?

An Internet which has integrity is essential to our freedom and essential to our economy. Webwise/Phorm puts this at risk.


5. Webwise/Phorm is being marketed dishonestly

Webwise is being presented primarily as providing greater protection from online fraud, with tailoring of advertising a secondary feature. Yet its primary purpose is to make advertising from participating websites more relevant.

Nowhere does BT state that equivalent protection from online fraud is standard with the latest free browsing software which more then 90% of UK users already have. Nor do they state that Webwise works by intercepting, reading and processing nearly everything users do on the Web.

If Webwise is such a good offer for users, why doesn’t BT focus on Webwise’s core purpose and loss of user privacy needed to achieve it?


6. Webwise/Phorm’s business model will be valueless within months

The UK’s Information Commissioner has stated that users must have expressly to opt in to Webwise/Phorm. If they are properly informed that everything they do will be read, it is likely that only a small proportion will opt in.

Even then, the Web’s big operators such as Google, Yahoo, Microsoft, Amazon and eBay will not let Phorm get a foothold. Within months, it is likely that much useful web traffic will be encrypted and so of no value to Phorm.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

On the subject of speed, a potential dirty trick. If BT trial on a single exchange, should users look out for better performance on that exchange during the trial?

If they can selectively ramp that up (by increasing bandwidth on that exchange?) they are likely to be complemented on the performance! One for the techies to keep an eye on?

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

A trial version is definetly rubbish because the trial will be slow but the actual thing will be good :D

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

I like that a lot. Very good communication aimed at the non-technical. I understood it!
The killer comment though is "But the ICO say it's legal, so what you say must be rubbish" - and that is when the answers have to get technical and we see that glazed look coming over their eyes.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Some suggestions of mine in bold which I am sure could be better phrased! The aim being to bring home just what these laws mean in normal life.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

An interesting article on arstechnica from June 2007 about DPI kit and what can be done with it, contains this quote.

"The rise of "lawful intercept" (CALEA) requirements and the growth of online video (both P2P and over HTTP) are making monitoring and shaping increasingly important to ISPs. Because of the firestorm surrounding network neutrality in the US, ISPs here tend to take a cautious approach to using this equipment, but it's far more common overseas.

BT, for instance, recent became Ellacoya's single largest customer, using its gear to support more than 3 million broadband subscribers. According to BT, deep packet inspection enables them to better monitor their network, but it also allows them to apply QoS to two important services. VoIP, to be useful, needs to move quickly, so BT gives it priority on the network. BT also runs its own IPTV system, with the data apparently flowing over the same network as user data. To prevent distortion in the TV signal whenever half the country decides to download an episode of Little Britain using P2P, BT uses QoS to make sure a fixed amount of bandwidth is always available to IPTV."

http://arstechnica.com/articles/cult...eutrality.ars/

http://www.arbornetworks.com/en/ella...echnology.html

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

One area missed is the exploitation of web content; the thing that makes the web so valuable in the first place is the range of information you can access.

Phorm steal that information, copy it, and use it to sell advertising. That includes stealing information from the personal websites, the niche web sites, the eCommerce web sites, the information sites.

Compared to illicit DVD copying, this is major crime... its mass copyright theft. Like walking into a library and photocopying every page of every book anyone reads, but on a nationwide scale.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

I'm not sure if this has been covered.

http://www.samknows.com/broadband/ne...ckets-368.html

Has not Kent told us elsewhere that the internet is 3 companies and a bunch of amateurs, or words to that effect?

I'm sure he did not mean BT, VM and CPW! Another case of different sound bites for different audiences?

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

No Simon said maybe legal remember the "maybe"

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

If this re Google & privacy legislation can make the BBC home page under science & nature, why on Earth can't the Phorm issue?

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

According to the Register http://www.theregister.co.uk/2008/02...orm_documents/

""ACE" is a piece of Cisco hardware - its Application Control Engine. Details on the kit are here. F5 hardware performs similar functions, more here."

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Expected to list from around £22,500, ACE is designed to front-end browser-based applications running on a server-farm. It includes capabilities such as SSL offload, web proxy, load balancing and security - for example, it can scrub incoming requests to remove buffer overflows and deliberately malformed queries so they never reach the servers.

After reading this the thought of how many they might need and costs when the company shares are spirrelling down again. Most likely some old slow PCs plugged into BTs network using linux to do the job.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

I have complained numerous times to the APWG (Anti-Phishing Workgroup):

http://www.antiphishing.org/

and have been in email contact with one of its members. I explained how the FIPR and Richard Clayton believe the system is illegal, and how the EU now believes it may also fall foul of EU regulations.

The person I was in contact with said that he brought up the issue at the AGM, and they have decided that Phorm can continue to be a sponsor, though not on the Steering Committee (was this ever a possibility!?)

My latest reply again explains why many people believe Phorm to be illegal and how the issue may end up in court.

Interestingly, in the last email from the APWG, he said that Phorm was working with several anti-Phishing and 'Brand protection companies' to 'improve their service'.

So it seems Phorms latest scheme is to try to gain legitimacy by working with anti-phishing groups.

You can contact the APWG here:

pressrequest@antiphishing.org

info@antiphishing.org

reportphishing@antiphishing.org

Tell them what you think about Phorm being an APWG sponsor.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

I have e-mailed the APWG several times and they haven't even given me the courtesy of an acknowledgement let alone a response!

As long as Phorm are feeding them cash APWG will continue to accept it.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Alex-

You stated a while back that Google was aware of the Phorm situation and was working on 'something'. Any further news about this?

If you can't say what they are, exactly, can you at least confirm that something is in the works for the near future?

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

I've had confirmation from BT that Phorm were running their BT Webwise sites and also the BT Webwise contact form- they were forwarding the details to BT for processing. I'll post the replies later. They also say that although this was legal they have stopped phorm handling the contact page.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

heres something to have lots fun with if you cant be bothered to shoot and upload some *video for the Phorm petition/Protest.


go to it and make sure to fill in the latest anotate and links and comments on the BT/Phorm emailing server locations.
http://arstechnica.com/news.ars/post...arch-game.html

http://re.search.wikia.com/search.html#phorm

you might also want to add comments and interrelated serch links for the
http://re.search.wikia.com/search.html#noDPI entry too alexander/others...

* http://nodpi.org/?page_id=5/on-topic...e-1/post-7/#p7

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

I have had a reply to my request for a response from the Home Office about the interception of communications. I don't see anything new in this but for the record...

Hank

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Sorry chaps but I think you're barking up the wrong tree on this one. An ACE module *does* have some dpi functionality, but that doesn't make it dpi kit in of itself, it's primarily a load-balancer. You could also count the number of techies at BT with the requisite level of knowledge on ACE modules (to use them to their full extent) on the back of frogs penis.

ACE modules are also not the most configuration friendly kit in the world :erm:

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

http://toolbar.netcraft.com/site_rep.../a.webwise.net

...returns...

Netblock Owner IP address OS Web Server Last changed
Phorm IPv4 Assignment 89.145.112.40 F5 Big-IP Apache 3-Jun-2008

Update; the BT docs mention both ACE and F5

Which then begs the question, if BT do not have the skills to install and operate ACE kit, who does?

"Alongside the CIO, successfully tested 121Media’s product in a BT datacenter for a one month trial period on 10,000 users" in an online CV.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Contractors I would expect.

Also, re-aquainting myself with the diagrams ;) shows that the ACE module simply hands off the http requests to the F5 L7 switches which seem to be doing the donkey work.

Something else has just occured to me. BT Retail are planning to phase out PSTN in favour of VoIP. What would you like to bet that this traffic will also end up being 'profiled'? Then it really will be *exactly* like tapping your phone connection.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

The ISP's are utility providers. My electricity supplier doesn't make any money out of my TV viewing or my washing machine - why should they? I pay my ISP for Net access - how do they not gain? Content providers are at the mercy of the market - ISP's are the only ones guaranteed payment under all circumstances.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

"Talking about the Attack of the Clones" & or "Smoke & Mirrors"; we seem to have "a Gorilla Walking slowly across the stage in front of the Audience"

Name: phorm.com
Addresses: 89.145.112.31, 89.145.112.32
Aliases: www.phorm.com

Name: www.oix.com
Addresses: 89.145.112.31, 89.145.112.32

Name: www.webwise.bt.com
Addresses: 89.145.112.32, 89.145.112.31

Name: webwise.bt.com
Addresses: 89.145.112.32, 89.145.112.31

Name: webwise.com
Addresses: 89.145.112.31, 89.145.112.32

Name: webwise.net
Addresses: 89.145.112.31, 89.145.112.32
Name: www.oix.net
Addresses: 89.145.112.31, 89.145.112.32
I believe this is is a practive frowned on; cloning IP addresses on the WWW can lead to unwanted side affects!
"But the real kicker is which one of these Companies if not all have access to any details entered on the www.webwise.bt.com contact pages?" THAT IS WHICH ROUTER FOR THAT URL DO THE DETAILS CONNECT TO?

---------- Post added at 09:35 ---------- Previous post was at 09:32 ----------

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

I see another email winging its way to Ian :D I hadn't thought of that plus wouldn't phasing out pstn also mean that the equipment might not be compatable with the newer technology and cause issues in security?

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

you don't need to think about routers - you can just read BT's admission that the company which HAS had access to the information entered on BT Webwise contact.php forms was Phorm.

Email(s) received by me (and also Miles Golding over on BT Beta forums) in response to enquiries on that contact.php stated as follows: (see also my earlier posts with evidence of References header contents and FW in Subject line)

Dear Mr. Jones,

Phorm currently operates the Webwise information site (www.bt.com/webwise <https://mail.bt.com/exchweb/bin/redir.asp?URL=https://mail.bt.com/exchweb/bin/redir.asp?URL=http://www.bt.com/webwise> ) on BT's behalf as a trusted partner and with BT's explicit consent (this approach is not uncommon). We are confident that this does not pose any security risk.

In order to host the site on our behalf, Phorm have also been hosting a contact form. This required Phorm's systems to forward customer contact requests to BT for processing. It is not a requirement for us to obtain customer consent for this hosting and processing arrangement, but I can assure you that we comply with the relevant law. As of last week and as part of ongoing developments, we have amended the site so that it uses standard BT contact forms in place of the form hosted by Phorm.

Regards,
BT Webwise Helpdesk

and

Dear Mr. Jones,

This email should be covered in the last email to this email address.

Regards,
BT Webwise Helpdesk

________________________________

From: ***, **** on behalf of *****-webwise@yahoo.co.uk
Sent: Thu 29/05/2008 07:27
To: BT Webwise Help Desk G
Subject: RE: BT.webwise.com Contact Request



Thank you for your reply.

Why does your reply contain the header
References: <**********.*************@ww3.phorm.com> ?

I thought I was talking to BT when I filled in this form. Has any of my
personally identifiable data gone to Phorm?

Are YOU Phorm?


and

Dear Mr. *****,

Phorm currently operates the Webwise information site (www.bt.com/webwise <https://mail.bt.com/exchweb/bin/redir.asp?URL=http://www.bt.com/webwise> ) on BT's behalf as a trusted partner and with BT's explicit consent (this approach is not uncommon). We are confident that this does not pose any security risk.

In order to host the site on our behalf, Phorm have also been hosting a contact form. This required Phorm's systems to forward customer contact requests to BT for processing. It is not a requirement for us to obtain customer consent for this hosting and processing arrangement, but I can assure you that we comply with the relevant law. As of last week and as part of ongoing developments, we have amended the site so that it uses standard BT contact forms in place of the form hosted by Phorm.

The bt.com site includes functionality which enables it to remember users for the duration of their session (i.e. from when they sign in to when they close their web-browser), in order to provide a smoother customer experience and prevent the need to repeatedly log-in or re-state preferences. This is done by using a secure single-sign-on solution which employs cookies. The design of that system prevents unauthorised access to a user's logged-in session.

Regards,
BT Webwise Helpdesk

Now add that lot to what Dephormation logs show, and to what BT WERE doing with Phorm via this site (but say they aren't doing any more) - and there is IMHO a case to take to the ICO for the Commissioner to suck on. Sould I send him a teething ring along with the letter - surely his teeth will grow through eventually?

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

deja vous

Dear Mr. xxxxxxx,

Phorm currently operates the Webwise information site (www.bt.com/webwise <https://mail.bt.com/exchweb/bin/redir.asp?URL=https://mail.bt.com/exchweb/bin/redir.asp?URL=http://www.bt.com/webwise> ) on BT's behalf as a trusted partner and with BT's explicit consent (this approach is not uncommon). We are confident that this does not pose any security risk.

In order to host the site on our behalf, Phorm have also been hosting a contact form. This required Phorm's systems to forward customer contact requests to BT for processing. It is not a requirement for us to obtain customer consent for this hosting and processing arrangement, but I can assure you that we comply with the relevant law. As of last week and as part of ongoing developments, we have amended the site so that it uses standard BT contact forms in place of the form hosted by Phorm.

Regards,
BT Webwise Helpdesk

admittion that phorm have been hosting the site and had their hands on the data before forwarding it to bt

peter

my reply back to BT

*****************Thankyou for the reply but I still have the following outstanding queries

Why should I have to block cookies for a service I do not want and that invades my privacy by watching my browsing at network level.

I have 6 machines in my house why should I have to do this due to BT's and phorms lack of technical ability to provide a trial with correct authentication and safeguards in place that mean only the account holder has the ability to make the initial change to my T's and C's

How will I know if a subaccount holder has agreed to PHORM and changed my contract ?

BT should be making sure the trial is conducted in a way where the account holder only has authority to accept the service as it requires a change in the term and conditions of my contract with BT

When opted out is my web traffic still passed via a profiler (even if ignored) or my taffic profiled but no targeted adverts served to me, or is my traffic passed direct out onto the internet vai a different route thus bypassing the system altogether (unlikely as apparently I will get reminder adverts about webwise system being turned off and click here to turn it on?)

If I block the domain I will not be aware of when you start spying on my browsing

Can you confirm the statement earlier in the email from one of your colleagues that unless I agree to PHORM my terms and conditions will not alter, so I will not be allowed to terminate my contract due to material change to T's and C's?

If a subaccount holder accepts the change to my T's and C's during the trail how do I get it reverted to the original contract as they would not have had the correct authority to make this change

Does the trail require me to accept a new contract or is it only the full service when released

Regards
*****************************

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

That seems to have been changed today - the pages which said ON and OFF now 404.

I think we are keeping them hopping!

(Spotted by tdadyslexia)

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

got some discussion going on the bt page at III.co.uk

http://www.iii.co.uk/investment/deta...scussion&it=le

and someone has recomended my comment, also interesting comment

snip
I quote from the Chairman's blurb in the just received Annual review and Notice of Meeting:
"Being number one for service in our own sector is no longer good enough. We have to make outstanding customer service a differentiator for BT."
As far a i can see, they haven't been no. 1 for a long time. Two of the IT specialists in my local business club have strongly recommended me to stay away from BT because of their atrocious customer service to domestic consumers and small businesses. Are we about to re-elect a wafflemonger to the Board ?
Then there is the Phorm issue.
end snip

the message is starting to get through to investors

peter

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

As the regulators are not backing us at present, I think maybe we just have to embarrass BT as much as possible. Publicly humiliate them by exposing every underhand or ridiculous thing they do. Expose the shenanigans behind the scenes, the frantic changes to BT Webwise, all those shared IP's and make them look either silly or incompetent - not a difficult task really.

And make sure that people who have been "phormed" by Kent's PR juggernaut get told the truth.

I think the legal victory is a long way down the road and will need to wait until the ICO's milk teeth grow out. It's a PR battle at present.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

I wonder if someone with an account on iii might like to post the following link:

http://www.iii.co.uk/investment/deta...&orderby=value

---------- Post added at 11:03 ---------- Previous post was at 10:58 ----------

http://www.cableforum.co.uk/board/members/42897.html

PhormUKPRteam Last Activity: 13-05-2008 10:56

I think it's pretty obvious they couldn't stand the ridicule every time they logged in which is why they now are just watching as guests.

Come on PhormUKPRteam stop being cowards and log in - we know by the way you respond to issues raised in here that you are reading every post in this topic. You're fooling no-one by not logging in!

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

a better one is http://www.iii.co.uk/investment/deta...on&triggers=on

look at my comment on http://www.iii.co.uk/investment/deta...le&submitted=1


phormpr don't want to come and play :bigcry::bigcry: spoilsports

peter

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Might be worth keeping a close eye on these IP ranges as I have rocked the boat asking about the routers the contact us links to and about the WWW possible later issues. :)

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

may be getting investor attention

just posted by an investor over on bt page at iii

********
It takes years to establish a good reputation, and 5 minutes to lose it. If BT management means what it says in the Annual Review, then they should be staying well away from anything that gives the impression that BT is not a quality company. Action, not waffle, Mr Chairman !
**********

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Bluecar1, I just read your comment on iii phrm.l page..

:rofl: sounds like a new breakfast cereal :D

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

If it was a new breakfast cereal then the milk would be arsnick

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

...With added moral fibre?

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

I've posted the Heat Map as you requested on the ii discussion board. Nice to see Phorm in that bright red final square - well spotted. The last week has been unprecedented for the long negative climate for Phorm, and I've been watching the stock for a few weeks now, not just the price but the trades/volumes etc.

Remember BT, gloves are off, we're watching you watching us, and we're really enjoying listening to what you aren't telling us, and watching what you don't want us to see you doing. It's all most instructive.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

If only...

http://startupearth.com/2008/04/12/p...ropping-phorm/

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

shame that was mid april, seems like as the article suggests BT were lying to the customer to try and keep him onboard

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

At least 1 ISP is bending the Protocols laid out for safe WWW usage.

Different Companies should not have Duplicate IP Addresses, it is in fact the same as Cookie forgery!

http://all.net/journal/netsec/1996-06.html

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

So who do you complain to?

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Ghostbusters :monkey::monkey:

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

I apologise if I have misread all of the posts, but I think you may have the wrong end of the stick so to speak regarding ip address duplication.

It is entirely possible for multiple websites to have the same ip address. In this instance they would all be running on the same server, it all works by using the host headers sent by your browser (or virtual hosts in the apache world). I don't believe they are duplicating ip addresses, if they did the results would be totally unpredictable eg you could visit one website but get another depending on which server responded first etc.

Apologies if you are already aware and I misunderstood all the posts, but I thought it best to point that out before complaints were raised. ;)

Regards...

T

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

That's standard http 1.1 operation isn't it?

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

yes it is.

I just got the impression that people thought there were multiple physical servers using the same ip address so thought I would check. :)

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

I was thinking the exact same thing. This is very common and perfectly legitimate practice. Hosting companies could not work without host header resolution, as they would run out of IP Addresses in no time flat. Unless the whole world moves over to IPv6 it would be impossible for all websites to have unique IP addresses.

---------- Post added at 15:43 ---------- Previous post was at 15:40 ----------

They could be on separate servers, as they could be on a network behind the firewall. Something at firewall/router level would just be looking at the Host Header and routing it to the various different physical servers. But to the user/client - they all appear as one IP. This is all OK tho.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Yes, the F5's and Cisco ACE modules perform exactly this type of thing (if I recall correctly, I'm not a network bod) but it would be transparent to the end user.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

The real concern is not just the joint IP address which resolves as you say usually to one Server & is then routed properly to it's destination.

It is this particular mix of companies behind this Server & the way they are internally routed & linked.
Given that Webwise, Phorm, BT & Oix are currently involved in the Webwise System, which is trying to pose as an Anti-Phishing System when it is in fact an AD Serving DPI mirroring abomination!

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

I really can't say anything about Google at the moment especially given new evidence which came into my possession today which I need to talk to Google lawyers about (no Google did not do anything wrong but they have been wronged) so I need to speak to them before I disclose anything on the Google front.

Just to reiterate, I am now in possession of some very important evidence regarding the 2006 trials. I will be writing an article about it shortly and I think it is going to shock even the most cynical among us.

Alexander Hanff

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

I totally agree, I just wanted to clarify that the suggested ip address forging was not the case.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Goodness Alexander, stay out of dark alleys and away from the path of speeding busses won't you! :angel:

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Now that we have established that the Police are, in fact, responsible for investigating potential RIPA 2000 breeches, it's important that they have any available evidence ASAP. Have you provided it to them already? I don't want to wait for your article (hehe) but if you need time to prepare presentation of it for the police first I think that is the legal priority and we would all understand that...

Intriguing.....!

Hank

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

That statement would normally be true, but this assumes that "this internal network" is directing to the correct user supplied URL & not being re-routed around the network (depending on the URL), in order to add subtract data from the Web Page.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

That is a very fair point, one which I hadn't considered. I would imagine that it would be possible for BT (or whichever ISP) to duplicate an IP range internally and route traffic to there instead of the real ip address (although this would only work internal to BT's network as you say). I'm not sure what purpose that would serve though and given the sites that we know are on that server I think it would be unlikely they would be doing that.

I am sure checks could be done from a BT line and non-BT line to compare the two though.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Okay I'm getting prepared for a shock. Practicing weighting myself down, deep breathing, 15 minute running on the spot exercises (next to PC of course so I don't miss anything)... 999 on speed dial!

practice my :shocked: look

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

If it doesn't shock me, does that mean I'm beyond hope?

Keep up the good work Alex and publish that article before I go on holiday won't you!?

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

When I visited the link to startup earth I found this dated June 2nd.

http://startupearth.com/2008/06/02/p...police-action/

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

all good press don`t you think.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

http://nodpi.org/?p=10

Digg link at the bottom of the article.

Alexander Hanff

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

I added my comments, but it is awaiting moderation ;)


The criminals in Russia (and Scleparis) will be laughing all the way to the bank as they know that the Russian constitution does not allow for criminals to be extradited to the UK for criminal prosecution. ( re: Litvinenko's killer )

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Go Alex! Go Alex! It's yer birthday! It's yer birthday!

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

The first article is up, see previous post :)

Alexander Hanff

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Dugg :)

And well done on the new scoop... this is pretty much the smoking gun that many people have been waiting for.

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

I can't wait to read the full document. Keep up the good work Alex. I suspect Emma may have to practice her stammer again. ;)

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Excellent! More ammunition to put these crooks behind bars. Good work!

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Fantastic news!

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

OMG!!! :shocked: :shocked: :shocked:


clutches heart!!! caaaaarrrn't qqquite reaaccch the speeeeeeeeed dia... THUD!

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Hello all,

just wanted to announce Dephormation 2.1 has been formally released on Dephormation.org.uk

This release includes important new features;

• Browser status logging (both to the FF2 error console, and to file)
• BT Webwise alerts (including leaked BT.com cookie advice*)
• Experimental Nebuad countermeasures

Download from here;

http://www.dephormation.org.uk/

Dephormation will not protect you from Phorm. You need to find an ISP.

regards
Pete

* Especially for Rob

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Dugg, Boy Alex you don't do things by harf, that information is shocking, keep up the good werk Alex. ;) :)

Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
 

Likewise.. :D

Now lets see you lie your way out of this one BT....

Looking forward to demo even more now!!!

Hooah:D