Thread: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
View Single Post
Old 17-04-2008, 19:07   #3864
Rchivist
Inactive
 
Join Date: Apr 2008
Posts: 831
Rchivist has a fine set of QuadsRchivist has a fine set of QuadsRchivist has a fine set of QuadsRchivist has a fine set of QuadsRchivist has a fine set of QuadsRchivist has a fine set of QuadsRchivist has a fine set of QuadsRchivist has a fine set of QuadsRchivist has a fine set of QuadsRchivist has a fine set of QuadsRchivist has a fine set of QuadsRchivist has a fine set of QuadsRchivist has a fine set of QuadsRchivist has a fine set of Quads
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
Quote:
Originally Posted by AlexanderHanff View Post
OK some more details on next week. It is going to be a kind of David and Goliath scenario, just myself and Kent will be present, so I am going to pick out the pebbles which will give the most accurate flight from my sling.

The show will be recorded at Olympiad Exhibition Centre during ITSec next Tuesday.

This of course means, I will be at ITSec before and after the interview so if any-one is at the conference and wants to meet up for a coffee and a chat at some point give me a shout via PM on these boards.

Alexander Hanff
My first post here - as a BT invader.

First - thanks Alexander - great work. I'm a BT customer and our forums are being rather heavily censored at present and an active Q&A thread and a Discussion thread have been locked by moderators. We are getting zilch from our ISP at present in terms of answers and the one BT Beta forum thread we have left, is rather quiet.

I have posted a list of my personal unanswered questions on the BT Beta forum

http://www.beta.bt.com/bta/forums/th...ID=17985#17985

The post is R Jones, Posted: Apr 17, 2008 12:25 PM

my questions are: (some of them are obviously BT specific and will be batted back by Phorm as needing an answer from the ISP concerned)

1 - the issue of informed consent from Webmasters for Webwise/Phorm to intercept and profile the data exchange with their website visitors remains unanswered - both publicly and privately. My sites explicitly refuse consent for Webwise/Phorm to profile data exchanged with visitors and Phorm have not yet said how they will respond to that. How are Webwise/phorm establishing informed consent from webmasters?

2 - the issue of user-agent identity or other means that Phorm can be selectively individually blocked in robots.txt remains unanswered - how do we block Webwise/Phorm from our sites while allowing in search engines that we want to crawl our sites?

3 - Phorm (Kent Ertugrul) still seem to think that layer 7 interception of ALL web traffic is the same as a surfer voluntarily choosing to visit google.co.uk (and a user can already anonymise their google cookie if they wish to using third party tools).

4 - website cookie forging by Webwise/Phorm remains murky and unexplained by Phorm - who gave anyone permission to forge a cookie purporting to come from one of my registered domains?

5 - redirection of browsing traffic up to 3 times before we get to the sites we orginally asked for in the first place, is not explained by Phorm but only discussed by the indpendent reviewers.

6 - What will happen to the "browsing experience" of a BT customer who adds all the various oix/phorm/webwise domains to his HOSTS file, once Webwise/Phorm is in place, remains unexplained

7 - What are the security implications of the cookie forging, and browser multiple redirections? How easily can a malicious website identify, copy and then sell on the Phorm user ID number from a visitors computer? Dr Richard Clayton indicates this will be a relatively simple process to carry out. The malicious site then have a useable, saleable item to combine with any information they already have gleaned about the individual concerned - the malicious website information plus the Phorm user ID are worth a fair bit on the open scumware market.)

8 - What will happen to browsing (and the Phorm business model) when browsers like Firefox (and security software vendors) start to look at layer 7 redirection and treat it as suspicious acitivity? (Much as they have with popups, phishing protection, and 3rd party cookie detection)

9 - when will BT openly reveal the consumer research (including the questions used) that gave them the idea we as customers, WANTED this stuff? It's no good Emma Sanderson going on TV and talking about customer research if she won't openly publish the evidence. We have gone well past the stage where we trusted anything a BT or Phorm spokesman said in public - too many documented examples of BT saying things publicly that turn out later to be untrue.

Once again, Alexander, thanks for all the hard work, and also to Captain Jamie for the videos.
Rchivist is offline