Quote:
Originally Posted by phormwatch
TOR would work, in so far as your communications cannot be traced back to you. However, at some point, there needs to be what's called an 'exit node', which means that at some point, an unencrypted request to a website needs to be made. If Phorm has its spyware software on the ISP on which this request is made, then it can be intercepted.
However, I don't see how that would be profitable for Phorm or any OIX partner: lots of different requests from many different people will come from the same exit node, therefore the targeted ads will be completely useless.
|
If the exit node you are using was on a phormed ISP connection, or if phorm were to run their own exit nodes, then the Phorm Webwise UID would be unique for each person's browser, so each person would be tracked individually.
Providing a Tor exit node, or running a public proxy would be a good way to test phorm - in fact the leaking javascript in Phorm's 2006 tests contained a variable which indicated the ISP that was running the test, and one of the values was "I.PUBLICPROXY".
I guess you could monitor your traffic for webwise.net redirects and Nebuad faireagle.com requests and blacklist exit nodes that exhibit those symptoms, however you'll have no guarantee that the owner of the exit node isn't monitoring your activity - TOR aims to provide anonymity not privacy - Also if you intend to use a proxy such as tor it is wise to delete all your cookies first because a dodgy exit node could use man-in-the-middle type exploits to trick your browser into sending cookies for any site they are interested in so that it can capture them.