Thread: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
View Single Post
Old 11-05-2008, 14:19   #6327
BadPhormula
cf.addict
 
Join Date: May 2008
Posts: 133
BadPhormula will become famous soon enoughBadPhormula will become famous soon enoughBadPhormula will become famous soon enough
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
Quote:
Originally Posted by Wildie View Post
Interception
from wiki
In September 2007, Dan Egerstad, a Swedish security consultant, revealed that he had intercepted usernames and passwords for a large number of email accounts, by operating and monitoring Tor exit nodes.[6] On November 15, 2007, he was arrested on charges stemming from discovering and publishing this information. As Tor does not, and by design cannot, encrypt the traffic between an exit node and the target server, any exit node is in a position to capture any traffic which is not encrypted at the application layer, e.g. by SSL. While this does not inherently violate the anonymity of the source, it affords added opportunities for data interception by self-selected third parties, greatly increasing the risk of exposure of sensitive data by users who are careless or who mistake Tor's anonymity for security.

sounds like phorm to me but me not a that bright.

Well at the exit point out comes your plaintext request (assuming you don't use a HTTPS service) to the destination server. This plaintext can be monitored for private details and so it would be the responsibility of the user not to put private details into the plaintext system in the first place.

However for general profiling usage (without a private detail) the snooper has no way of knowing who that person is as it cannot be traced back to an individuals IP address. Another more extreme system (I'm sure we will see more of these in the near future) is 'cloud surfing'. Only one trusted person needs to read an entire website e.g. 'The Register' and this individual would then become 'The Register' proxy, the next guy is responsible for surfing the entire 'Slashdot.org' and so on and so on. As far as 'The Register' and 'Slashdot' are concerned now they have just 1 (one) reader! Goodbye Advertising revenue! (I just used those sites as an example because they are popular and have thousands of readers, they could potentially exploit - not that they probably would But who knows these days???)... Also note this will probably run into copyright problems, as it is an Internet guerilla tactic. (but needs must when the devil drives )

---------- Post added at 14:19 ---------- Previous post was at 14:16 ----------

Quote:
Originally Posted by serial View Post
We can always go back to using bulletin board systems
retro
BadPhormula is offline