Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
Quote:
|
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
Quote:
|
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
Quote:
It may be better to get in touch with the Computer Crimes Unit though. Anyone know if all forces have these, or just the big ones? Phormwatch, a good idea though if we have still got nowhere. A big symbolic march to the local nick in front of the media! |
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
Quote:
|
Re: Emailing police
Quote:
Alexander Hanff ---------- Post added at 01:45 ---------- Previous post was at 01:41 ---------- Quote:
Possibly a good way to end the protest at the end of the day I think. Alexander Hanff ---------- Post added at 01:46 ---------- Previous post was at 01:45 ---------- Quote:
Alexander Hanff |
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
Quote:
Terrorism is sexy – computer crime doesn't even come close. Is this the real reason why they are hesitant to investigate? The police will need to build enough of a case to present to the Director of Public Prosecutions who decides whether there's a good chance of the crown winning a court case which will cost the taxpayer millions. Reduced availability of technical expertise to front line officers is going to severely hamper that process. Astonishingly, currently most regional forces would not even be able to search eBay for stolen goods... :rolleyes: |
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
OK the march from the Barbican to the nearest met police station is 1.5 miles (Charing Cross Police Station on the Strand). We should be able to walk straight down Fleet Street and The Strand to get there, which is somewhat convenient for press coverage :)
Alexander Hanff ---------- Post added at 03:28 ---------- Previous post was at 02:40 ---------- Some more info. The BT Centre (BT HQ) is just down the road from the Barbican (and enroute almost to the Met Police). So as I am hashing this together in my head, I propose the following: Stage 1: 10:00 - End of AGM Protest starts outside the Barbican until the AGM finishes. Hopefully this will be sometime around lunchtime. Stage 2: 12:00 - 14:00 Guest speakers. It would be ideal to have this outside the Barbican because I expect it gets quite a lot of foot traffic during lunch time. Stage 3: 14:00 - 16:00 Protest outside BT Centre. Stage 4: 16:00 - 17:00 March to Charing Cross Metropolitan Police Station via Fleet Street and The Strand. Once there we hand over the case file and a petition, requesting a crime reference number and an official statement on whether or not they intend to investigate. During all stages there will be a petition available for people to sign, demanding that the Metropolitan Police investigate the covert trials of 2006/2007 under RIPA, Computer Misuse Act, Fraud Act. This petition will be supplemented with: Dr Richard Clayton's Technical Report Mr Nicholas Bohm's Legal Report Home Office statement saying it is the responsibility of the police EU Commission Statement stating it is illegal My Dissertation Signed and witnessed statements from victims of the trials We will put together some digital media for people to download and printout as fliers. I will try and get some sponsorship from somewhere so we can hire a PA and Generator for the speeches. If not we will need to find someone with a PA and Generator who doesn't mind them being used for the event. Placards are obviously going to need sorting out as well (so start getting your slogan ideas in). I will send a formal letter to the Met next week telling them about the event and explaining it will be a peaceful protest from 10am - 6pm ending with a March from Newgate St. to Charing Cross Met Police Station. I will include a full itinerary with the letter. That's how I envision the day going at the moment. I am happy to hear any suggestions people may have. Alexander Hanff |
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
i dont know if these mobile phone streaming services will work, but i thought id remind people that they exist, if you want to try and set one of them up if you have the right phones etc, and test them ready for use on the protest perhaps.
there may be some interesting bits of activity that are werth capturing for later reference or near realtime public video record of police refusal to give a crime No. etc. OC mobile phone 14 FPS Video isnt great, but the sound quality for the qik service seems to show its good enough, so werth a go perhaps if your video camera battery gets drained with overuse http://www.dailywireless.org/2008/05/19/7771/ http://www.comvu.com/comvu/Support.htm talks about a 2007 beta but DW references it as though its still beta?... http://qik.com/ seems to be functioning although again that makes reference to invites? http://qik.com/blog http://qik.com/info/faq ---------- Post added at 05:28 ---------- Previous post was at 05:11 ---------- http://usatoday.jiwire.com/wi-fi-wir...re-1250985.htm Here are details on the Wi-Fi hotspot at Barbican Centre, Silk Street, London, England, GB,WiFi Zone - The Cloud. interactive picture but heres the static pic from there http://usatoday.jiwire.com/usatoday-...-default.image ---------- Post added at 05:34 ---------- Previous post was at 05:28 ---------- iv not looked very hard, but it seems if theres only the cloud there, then Fleet Street and The Strand will be a problem for laptop wifi connections. 3G mobile broadband will work OC but thats more restrictive and costs per Mbit usually... |
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
Quote:
But even if you ARENT logged in to bt.com if you go to Webwise then it acccesses the BT login information and Pete is investigating how much of the cookie information may be getting sent to phorm. We're watching BT watching us. |
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
BT CUSTOMERS BEWARE
To repeat last nights warning in plain English...Do not log into the BT site, then visit any Phorm/third party operated BT.com web site. Sites Potentially Affected Include webwise.bt.comExplanation BT seem to be using a 'single sign on' product (called Siteminder) which allows you to log in once and gain access to any BT.com web site without being prompted for your user name or password. This is convenient, you sign on once and gain seamless access to all BT.com web sites. During the login process cookie values are set for all BT.com web sites (cookies which include your email address, and a security credential which authenticates you to BT.com web sites). Your browser will present those cookies to any BT.com web site trusting that those sites would not exist without BT consent. This will include BT.com web sites operated by Phorm/third parties outside BT's network, such as webwise.bt.com and www.webwise.bt.com. This creates a security and privacy risk for the following reasons. A security risk is created because an untrustworthy third party able to operate a BT.com web site, who is able to impersonate your IP address, and present a copy of your security credential, may be able to access your BT.com services and account details. This is called a replay/spoofing attack, a known security risk in single sign on solutions. A privacy risk is created because a third party able to operate a BT.com web site has immediate access to your email address, whether or not you choose to enter that information. This allows third parties to link your email address and IP address simply by visiting their web site. When Webwise/OIX is trialled, third parties would be able to link your email address, IP address and Webwise UID. If you delete your Webwise UID cookie, third parties would be able to link old/new Webwise UIDs knowing your email address. Cookies Affected SMSESSION = (Netegrity site minder encrypted cookie)Conclusion By allowing Phorm to operate a *.bt.com web site... BT may be giving your email address, and security credentials away to Phorm. Sites like bt.custhelp.com and bt.webwise.com will not be affected (because the browser will not recognise them as BT.com sites). If my analysis is correct (I'd appreciate independent confirmation by a BT subscriber with Netegrity Siteminder knowledge, or sufficient tech insight to confirm the presence and configuration of the cookies manually) this is a very serious privacy and security flaw. If I'm proved incorrect I will (of course) immediately post a retraction, but until you hear otherwise you may prefer to log out of BT.com before you visit webwise.bt.com or www.webwise.bt.com. |
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
Quote:
|
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
Quote:
If I'm correct, the solutions BT need to implement are one of Either Spoiler:
or Spoiler:
or Spoiler:
Pete |
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
Quote:
http://webwise.bt.com/webwise/contact.php is redesigned with two submission options for contacting or complaining! Both now point with url links to contact forms on bt.custhelp.com locations which is different from yesterday where they were javascript and ended up with ww3.phorm.com via a webwise.bt.com location |
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
They objected to the pages being reported as phishing and strongly denied this was the case. However the fact that they've changed them so quickly proves one thing: they know they were in the wrong.
|
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
*CONFIRMED*
The btcom.userName/btcom.dateVisited/btcom.isLoggedIn are 'domain cookies' that will be sent to any *.bt.com web site... including webwise.bt.com and www.webwise.bt.com... revealing your email address to Phorm (simply by browsing the pages on webwise.bt.com/ www.webwise.bt.com). I've asked Rob to do an additional test; I suspect btcom.userName cookie remains set even if you have logged out of bt.com... If so, this would make your email address almost unconditionally available to third parties such as Phorm if you have ever logged in to BT.com. And presumeably it has been leaking email addresses for months. |
All times are GMT +1. The time now is 10:35. |
Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2024, vBulletin Solutions Inc.