Thread: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
View Single Post
Old 03-08-2008, 16:53   #13190
lucevans
Inactive
 
Join Date: Jan 2007
Posts: 272
lucevans is a glorious beacon of lightlucevans is a glorious beacon of lightlucevans is a glorious beacon of lightlucevans is a glorious beacon of lightlucevans is a glorious beacon of lightlucevans is a glorious beacon of lightlucevans is a glorious beacon of light
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
Quote:
Originally Posted by madslug View Post
I just wanted to bring this post back into clear sight as I suspect it may have got lost amid all the posts last night.

Even with very low security settings, the only cookie the webwise site offers me is a php session cookie. Surfing around the webwise site, it sniffs my ISP and tells me that my ISP has not yet enabled webwise.

Also, if I use the Google cache of the opt-in/out pages, trying to pick up either version of the cookie results in a 403 response from the server. This is the same as I have seen for a few months now.

If there is anyone here who still uses VM, BT or TT (or any of their subsidiaries) can they post whether or not they are also seeing cookies in the a.webwise.net domain?

These cookies are a bit odd because BT have always said that blocking cookies in the www.webwise.net domain will prevent the profiling.

Time for a bit of clarity from Webwise: which domain is used for the UID cookie?

Or, will it be like the 2006/7 trials where every ISP had a unique identifier?

When you think about it, if everyone has the same domain for the cookie, how will the OIX script know which ISP to pay after displaying the ads?
Sorry my post last night may have been a bit confusing: I actually went out of my way to see if I could get the webwise website to place a Phorm cookie on my system via my Virgin Media cable connection as follows:

I had to navigate through pages of badly-linked stuff on the site, but eventually got to the following page:

http://www.webwise.com/privacy/opt/in.html

where I clicked on the link called "Switch ON Webwise".

This dropped a cookie on my system called uid with the path /services and an expiry date of 4th August 2009.

The content of this particular cookie (which I have since deleted) was ZrUyKoAJTTeD6iXeivlOpA|| which I believe adheres to the format outlined in Richard Clayton's paper (Quote:"Phorm told us that the UID which is allocated to the user is a 16 byte value chosen at random. That is to say it is just a number. It is not, for example, an encryption of some data that might later be decrypted. The actual value sent on the wire will be base-64 encoded, so it will be seen by humans as a 22 character string.")

The website that my browser (Safari) attributed to this cookie was a.webwise.net

All this was done over a Virgin Media cable connection via cpc1-pete8-0-0-custxxx.pete.cable.ntl.com

I hope this clarifies things for those who were worried.
lucevans is offline