Thread: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
View Single Post
Old 12-07-2008, 17:56   #11633
pseudonym
Inactive
 
Join Date: Apr 2008
Posts: 76
pseudonym is on a distinguished roadpseudonym is on a distinguished road
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
Quote:
Originally Posted by Dephormation View Post
I've added another server side 'dephormation' method.

I'm ashamed to say I've lost track of the person who first suggested this to me, and I wish I could say the idea had occurred to me first, but it didn't. The code removes Phorm cookies from your domain, and sets the user to 'OPTED_OUT'. Not necessarily suitable for all sites (esp those with no cookie policies), and obviously completely dependent on the method Phorm ultimately use to inject their parasitic evil into your communication traffic

No code to write, simply copy my php into your web site folder, and plonk an image on your pages like the one below (or a better one if you're a graphics wiz).

If you're on shared hosting you might even be able to opt out all the web sites on your shared host, by setting the 'domain' parameter value in the setcookie functions appropriately. Eg, blueyonder.co.uk. Wonder if that would work?

Update; rats, of course it occurs to me you're still at the mercy of Phorm... they still copy your content regardless. It just makes it harder to profile the user. SSL that's what you really need. No two ways about it.

{FirePhorm}
Request URL: http://www.dephormation.org.uk/serve...phormation.php

(Originating URL:http://www.dephormation.org.uk/serve...phormation.php)

Method: GET
Host: www.dephormation.org.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9) Gecko/2008052906 Firefox/3.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-gb,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Cookie: webwise-test=SYGGfXWiQMuawIuR0qMJxw||
Cache-Control: max-age=0


Response - status = 200

Connection: close
Date: Sat, 12 Jul 2008 15:47:46 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET, PHP/4.4.6
Set-Cookie: uid=deleted; expires=Fri, 13 Jul 2007 15:47:45 GMT
OPTED_OUT=YES; expires=Wed, 28 Sep 2016 15:47:46 GMT; path=/
Expires: Sat, 1 Jan 2000 00:00:00 GMT
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: image/png





I think you might be creating the wrong type of cookie there. (uid & OPTED_OUT are webwise.net "master" cookies)

According to R.Clayton the phorged cookie will be labelled / contain "webwise" and the value of the opt-out cookie will be "OPTED_OUT".
pseudonym is offline