Thread: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
View Single Post
Old 08-08-2008, 10:57   #13488
Dephormation
Inactive
 
Join Date: Apr 2008
Location: Bristol
Services: Aquiss.net and loving it. No more Virgin Media, no more Virgin Phone, no more Virgin Mobile.
Posts: 629
Dephormation is a name known to allDephormation is a name known to allDephormation is a name known to allDephormation is a name known to allDephormation is a name known to allDephormation is a name known to allDephormation is a name known to allDephormation is a name known to all
Lightbulb Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
Quote:
Originally Posted by Andrewcrawford23 View Post
deporhmation definition has one to alert people to phorm only problem is they do not have one to make it clear you do not want phorm to intercept yoru website data. Oh well i will write one and post the code here

---------- Post added at 10:40 ---------- Previous post was at 10:32 ----------

Is the depormation site javascript meant to say i have a opt-out cookie?
Have a good look through the solutions, I'm sure everything you need is there (or at least, enough to get you closer).

First htaccess can be used to block BT customers from your site completely (see Dephormation for a file of Deny directives). Its a blunt instrument, but 100% effective.

Second, the "Javascript Tripwire Test" is intended to detect and reject a visitor with any cookies set (if your site doesn't use cookies), or a visitor with a Phorm UID cookie (if you use cookies, but want to detect Phorm). If a Phormed visitor is detected, you can send them off to Badphorm, or even a Google search for "donkeys".

Third, a trivial piece of PHP ("Server Dephormation") can be used to unwrite or corrupt a Phorm UID, and rewrite an opt out cookie (though Phorm still copy the pages anyway, they just don't deliver ads). The details of the cookies Phorm sets aren't entirely clear yet, but if the code is in place, its simply a matter of a string replacement. [Beware, this may cause users to become alarmed if they find apparent Phorm cookies appearing unexpectedly].

I've got a couple of other contributed solutions to add, hopefully this weekend, that involve other excellent methods of reliable detection. Including counting cookies, and a two cookie test which spots Phorm hiding their UID cookie.

Regards RIPA and Copyright, its not your obligation to make BT legal. Its BT's obligation to rediscover legality, and abide by the law. Put a copyright and RIPA notice on your site.

One other recommended option, if available to you, provide complete content encryption using SSL. This will stop Phorm gaining access to your content, though they may still gain marketing intelligence about your visitors by IP address (though they claim not to).

Pete.
Dephormation is offline