Thread: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
View Single Post
Old 18-03-2008, 20:36   #1393
lucevans
Inactive
 
Join Date: Jan 2007
Posts: 272
lucevans is a glorious beacon of lightlucevans is a glorious beacon of lightlucevans is a glorious beacon of lightlucevans is a glorious beacon of lightlucevans is a glorious beacon of lightlucevans is a glorious beacon of lightlucevans is a glorious beacon of light
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
In the absence of any information forthcoming from Phorm or Virgin Media, here are some more questions:

Tucked away in the small print of the scheme is the fact that a far more detailed record of the online activity of every customer will be stored in a "debugging" log for 14 days by Phorm, than will be stored in the "digest" (i.e. the aggregated, anonymized record they plan to hold on each of us for the purpose of targetting adverts at us).

What data fields will the debugging log contain? Will it include a user's IP address? Will it contain any of the information that was stripped-out of the digest to preserve the individuals anonymity or security? (By this I mean data like form fields, numbers, names, webmail data, etc.). Will it contain the raw data of encrypted pages that pass through the profiler?

It seems to me that by concentrating on the "anonymity" of the digest record of every customer, Phorm may be seeking to divert our attention from another, far more detailed, far less anonymous record that will be held "purely for administration and troubleshooting purposes"

Even if their intentions are honest regarding use of the debugging records (something I find hard to believe), surely these files would present a much more attractive target to hackers or criminal employees within Phorm or the ISPs, as they would contain lucrative personal information.

Who gets to see the debugging logs? (Russian spyware programmers, perhaps?) Are they exported outside the UK for "troubleshooting" by the "talented teams of programmers" that Phorm employ in the US and Russia? How do we know that they are irrecoverably destroyed after 14 days?

The questions just keep coming. Shame there are no answers.

---------- Post added at 20:36 ---------- Previous post was at 19:37 ----------

Quote:
Originally Posted by Florence View Post
Well this is an interesting read hope you all have time to read it.

http://yro.slashdot.org/comments.pl?...8&cid=22777122

First paragraph to get you all in the mood.
Thanks for the link - very interesting (and scary)!

If that is how the system is going to work, then surely opting-out by the method of domain blocking will really knacker my web connection?

If the Phorm hardware wants to check a Phorm cookie (be it the user ID or opt-out variety) then the system will have to wait until some time-out is reached with regard to the cookie check, to be sure that I really don't have a cookie, because my router will just drop all attempts to communicate with any of the Phorm domains, so every page load will be delayed hugely.

I've demonstrated this to myself already by going to http://webwise.bt.com/webwise/index.html and watching it attempt to contact the cookie server at the domain webwise.net The page doesn't fully finish loading for almost 60 seconds due to these repeated attempts, and presumably, if this system goes live then every page request I make will then be subject to the same futile attempts to connect to the phorm server?
lucevans is offline