Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]

[rryles]

Quote:

Originally Posted by HamsterWheel

I'm certain that Webwise will warn of both http and https phishing sites. I have asked them to confirm this though.

Without cracking SSL this is not possible. The URL is encrypted along with all the headers. The only thing in plain text is the TCP/IP level data - i.e. the source and destination IP addresses.

Quote:

Originally Posted by HamsterWheel

Also remember that their anti-phishing will not need you to download updates of known sites like most of the norton's etc do, so will be much more up-to-date.

I'd have to check for other solutions but as far as Firefox is concerned you have the choice of either a regularly downloaded list to check locally, or if you *opt-in* you can send your urls (not cookies, not server responses) to a real time checking service.

[Dephormation]

Quote:

Originally Posted by HamsterWheel

I'm certain that Webwise will warn of both http and https phishing sites. I have asked them to confirm this though.
Remember Phorm are a sponsoring member of the AWG http://www.antiphishing.org/sponsors.html and would not be daft enough to offer something that did not cope with a large proportion of phishing attacks.

So you're saying HTTPS traffic is intercepted by Phorm?

That's interesting.

It would be, your own words daft, to ignore HTTPS requests which might lead to phishing sites.

But in terms of privacy, it would be even more outrageous than the already outrageous intrusion that is Phorm.

Particularly if both ends to the communication do not have a serviceable OPT IN mechanism.

Pow!, pow! Both barrels unloaded. Hey look, no feet left.

Pete

[Deko]

Anyone can sponsor AWG and have their logo put up. Maybe we should find out and have a NODPI logo on there.

[thebarron]

Going down!!!!!!!!!!

http://finance.google.com/finance?q=LON:PHRM

[Florence]

Quote:

Originally Posted by HamsterWheel

I'm certain that Webwise will warn of both http and https phishing sites. I have asked them to confirm this though.
Remember Phorm are a sponsoring member of the AWG http://www.antiphishing.org/sponsors.html and would not be daft enough to offer something that did not cope with a large proportion of phishing attacks.

Also remember that their anti-phishing will not need you to download updates of known sites like most of the norton's etc do, so will be much more up-to-date. So a much better, and free offering than that currently available.
You see - Phorm is simply the best :-)

Also remember that they have servers at Planet in Huston a hosting company that is in the top 10 world hosting companies that host phishing websites.


Seems they have too many fingers in too many pies for my taste.

[Dephormation]

iii, 920p

[Florence]

Quote:

Originally Posted by Dephormation

iii, 920p

Will soon join BT's measly £2.00 a share we paid much more than that years ago thanks to Phorm our investment is going down the pan also.

[TheBruce1]

Quote:

Originally Posted by davews

From: Steve Gibson <news07_@_grc.com>
Newsgroups: grc.securitynow

High Quality - 51,224,683 bytes
http://media.grc.com/sn/sn-151-.mp3

Low Quality - 12,824,812 bytes
http://media.grc.com/sn/sn-151-lq.mp3

--
Available now on his own servers.

Thank you.

Quote:

Originally Posted by phormwatch

Dave Jevans, Chairman of the APWG, sent me an email saying this about Phorm: 'I don't like the categorization that its an "anti phishing solution".'

I have never had a reply back from APWG, then again i keep sending e-mails that webwise.bt is a phish site or any other that is connected to phorm, you can do this with siteadivsor and sitehound as well.
http://www.firetrust.com/en/products/sitehound
http://www.siteadvisor.com/
http://www.trendsecure.com/portal/en...s/trendprotect

For FireFox 1.5 and above, there is WOT.
http://www.mywot.com/

Quote:

Originally Posted by thebarron

Going down!!!!!!!!!!

http://finance.google.com/finance?q=LON:PHRM

May it long continue

[phormwatch]

Quote:

Originally Posted by Deko

Anyone can sponsor AWG and have their logo put up. Maybe we should find out and have a NODPI logo on there.

It would seem so. I have contacted the APWG on numerous occasions regarding Phorm. I have spelled out all the arguments for them, and listed the number of people and organisations who think Phorm is illegal according to UK law.

I received positive feedback initially. By this time, however, they had already accepted a sponsorship (i.e. money) from Phorm. I imaging they found it hard to give back the $5000 which they received from them, because Phorm is still a member.

If you think Phorm should be removed as a sponsor of the APWG, by all means complain:

Press inquiries pressrequest@antiphishing.org
Other general questions info@antiphishing.org

[OldBear]

Quote:

Originally Posted by davews

From: Steve Gibson <news07_@_grc.com>
Newsgroups: grc.securitynow

High Quality - 51,224,683 bytes
http://media.grc.com/sn/sn-151-.mp3

Low Quality - 12,824,812 bytes
http://media.grc.com/sn/sn-151-lq.mp3

--
Available now on his own servers.

Thanks for this, dave.

An excellent analysis of Phorm by Steve Gibson. His description and distaste for this system very much reminds me of what Dr Richard Clayton wrote in his blog, AND said at the Town Hall meeting.

Incidentally, personally I think Dr Clayton's talk at that meeting was one of the main reasons for the video not being released.

OB

[phormwatch]

>I have never had a reply back from APWG, then again i keep sending e-mails that >webwise.bt is a phish site or any other that is connected to phorm, you can do this with >siteadivsor and sitehound as well.
>http://www.firetrust.com/en/products/sitehound
>http://www.siteadvisor.com/
>http://www.trendsecure.com/portal/en...s/trendprotect

So do I.

I'm also compiling a list of sites where you can report phishing scams. I will publish it soon so everyone can use it.

[Privacy_Matters]

Interesting Revelation

Just found out today, that RIPA does not apply in Scotland. Scotland has it's own version, as with many Legislations, called RIP(S)A:

http://www.opsi.gov.uk/legislation/s..._20000011_en_1

Anyone in the know, please help compare.

EDIT: So far I can only confirm that RIP(S)A pertains to Police and Local Authorities.

[TheBruce1]

Quote:

Originally Posted by Privacy_Matters

Just found out today, that RIPA does not apply in Scotland. Scotland has it's own version, as with many Legislations, called RIP(S)A:

http://www.opsi.gov.uk/legislation/s..._20000011_en_1

Never knew that, i know the SNP are against ID Cards, which is great.

[warescouse]

Quote:

Originally Posted by Dephormation

So you're saying HTTPS traffic is intercepted by Phorm?

That's interesting.

It would be, your own words daft, to ignore HTTPS requests to phishing sites.

But in terms of privacy, it would be even more outrageous than the already outrageous intrusion that is Phorm.

Particularly if both ends to the communication do not have a serviceable OPT IN mechanism.

Pow!, pow! Both barrels unloaded. Hey look, no feet left.

Pete

I think the wheel may have gone just a little too fast for the poor creature.

[davews]

Quote:

Originally Posted by rryles

Without cracking SSL this is not possible. The URL is encrypted along with all the headers. The only thing in plain text is the TCP/IP level data - i.e. the source and destination IP addresses.



I'd have to check for other solutions but as far as Firefox is concerned you have the choice of either a regularly downloaded list to check locally, or if you *opt-in* you can send your urls (not cookies, not server responses) to a real time checking service.

The phishing databases only need the URL, there is no need to set up a secure connection to flag it as a dodgey url.

Opera's anti-phishing works by checking a remote database as well, nothing needed to be stored on your computer.