Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]

So they wrote to him on the 22nd July to tell him that they couldn't reply until the 19th July

Here's the info explaining the Qualified Exemption and Public Interest Tests. I'll not comment on the reasons for the police taking this line but it is worth pointing out the factors that are taken into account in the Test.

Based on guidance information and other publications, relevant factors that should be considered by an Institution include: -

* the general public interest in accessible information;
* would disclosure contribute to the administration of justice or enforcement of law?;
* would disclosure inform the public of any danger to public health or safety?;
* would disclosure contribute to a debate of importance?; and
* would disclosure prejudice a person's privacy rights?

Factors which should NOT be taken into account by an Institution include: -

* the possible embarrassment of Institutions or other officials;
* the possible loss of confidence in Institutions or public authority;
* the seniority of persons involved; and
* the risk of an applicant misinterpreting the information.

[phormwatch]

>So they wrote to him on the 22nd July to tell him that they couldn't reply until the 19th July

Sorry, a post on BadPhorm later explains that that's a typo: it's meant to say Aug 19th.

Quote:

Originally Posted by phormwatch

Kent Ertugrul:
There's no obvious way to pay for a better, faster browsing experience.

Er yes there is Kent... Provide services customers want and will pay for.

As I type that, I want to do that expression Kent did in the BBC Click video when he pretended to be confused and shocked by something Alexander said.

D'oh! So obvious really. So obvious but yet so unclear to Kent who, bless, cannot understand why consumers would not want his Phorm Webwise 'service'. Awwww.

[SMHarman]

Quote:

Originally Posted by Portly_Giraffe

So would you share Lord West's view, or do you mean that we should behave as though Internet communications are no more secure than sending a postcard?

Internet communication should be as secure as sending a letter. The packet headers (or envelope) are read to deliver the letter. Already DPI is occuring to monitor the type of traffic, this means the envelope is being opened making the envelope more akin to an unsealed letter with the flap tucked in.

I don't share Lord Wests view, I feel Internet communications are no more secure than sending a postcard, then again I know that everything I do on the internet and email connections I am predominantly in front of is subject to retention and review anyway.

[Tezcatlipoca]

May I please remind everyone that deliberately "misspelling" someone's name in such a way that it can be confused with a rather offensive word is not acceptable, and has previously been warned against. Please do not resort to petty insults against those on the other side of the Phorm issue - it does you no good. Your cause is a just one IMO, and there is no need to stoop to insults to fight it.

[phormwatch]

Sorry, I didn't see that warning.

Quote:

Originally Posted by Peter N

I'll not comment on the reasons for the police taking this line

I was about to wade into each point you made but I think I'll do the same, no comment (for now - until about August 19th anyway)



Good night all.

[SMHarman]

http://news.bbc.co.uk/1/hi/england/7520598.stm

Not greatly related to Phorm but of course a good example of how power without checks and balances can corrupt and be misused. While Phorm now say of course we won't look at... Over time...

[warescouse]

Quote:

Originally Posted by SMHarman

http://news.bbc.co.uk/1/hi/england/7520598.stm

Not greatly related to Phorm but of course a good example of how power without checks and balances can corrupt and be misused. While Phorm now say of course we won't look at... Over time...

I think it was George Bernard Shaw who said, "Power does not corrupt men; fools, however, if they get into a position of power, corrupt power"

---------- Post added at 00:23 ---------- Previous post was at 00:14 ----------

Quote:

Originally Posted by Hank

Er yes there is Kent... Provide services customers want and will pay for.

As I type that, I want to do that expression Kent did in the BBC Click video when he pretended to be confused and shocked by something Alexander said.

D'oh! So obvious really. So obvious but yet so unclear to Kent who, bless, cannot understand why consumers would not want his Phorm Webwise 'service'. Awwww.

It was quite a Kent'ish moment. Such a natural actor... Not!

[icsys]

Decided it is time for another FoI request.
We have heard too many times that BT 'sought legal advice'. Its time it was made public.
What are the chances of the information being released?

http://www.whatdotheyknow.com/reques...#outgoing-1864

[BetBlowWhistler]

Quote:

Originally Posted by Peter N

Based on guidance information and other publications, relevant factors that should be considered by an Institution include: -

* would disclosure contribute to the administration of justice or enforcement of law?;

Do you think the situation being investigated by the Police courtesy of Alex might explain it?

---------- Post added at 08:05 ---------- Previous post was at 07:52 ----------

Quote:

Originally Posted by SMHarman

Internet communication should be as secure as sending a letter. The packet headers (or envelope) are read to deliver the letter. Already DPI is occuring to monitor the type of traffic, this means the envelope is being opened making the envelope more akin to an unsealed letter with the flap tucked in.

I don't share Lord Wests view, I feel Internet communications are no more secure than sending a postcard, then again I know that everything I do on the internet and email connections I am predominantly in front of is subject to retention and review anyway.

It's worth pointing out to the non technical that the IP packets that everyone refers to has two sections.
1. IP Header
2. Payload

The IP header contains information to allow the packet to traverse the internet. Source IP, Destination IP, protocol type etc.

You should note that the information in this header cannot be used for traffic shaping of http traffic and the like as it would only mention the protocol 'tcp'.

You have to process this packet to 'strip off the outer layer' thus revealing the payload to consist of the following (let's continue with the http example)..

1. TCP Header
2. Payload

The TCP header contains other information for the processing computer so it knows what to do with it and how the packet fits in with other packets. Key fields in this header are the source and destination ports.

Most people will know by now that http runs on tcp/80, and this is all the information you really need to shape this traffic. You could distinguish between ftp, http and bit-torrent traffic at this level assuming everyone is using the standard ports for such protocols.

What DPI does is to look into the payload section which contains information for the application that is listening on the mentioned port, in this case port 80. For the sake of simplicity this is where your personal information is kept and you could also analyse the payload to see if you really are looking at http traffic or if you have disguised a bit-torrent stream on port 80.

My point is, it is nothing like a postcard apart from the fact that the packet isn't encrypted. (With encrypted traffic you would typically only see the IP header information so it can get where it's going).

It is very much like an envelope within an envelope within an envelope.

Anyone wishing to understand further is encouraged to google 'osi 7 layer model' - you should be able to find some general overviews. Even the wiki pages might be understandable

[Rchivist]

Quote:

Originally Posted by BetBlowWhistler

Do you think the situation being investigated by the Police courtesy of Alex might explain it?

---------- Post added at 08:05 ---------- Previous post was at 07:52 ----------



It's worth pointing out to the non technical that the IP packets that everyone refers to has two sections.
1. IP Header
2. Payload

The IP header contains information to allow the packet to traverse the internet. Source IP, Destination IP, protocol type etc.

You should note that the information in this header cannot be used for traffic shaping of http traffic and the like as it would only mention the protocol 'tcp'.

You have to process this packet to 'strip off the outer layer' thus revealing the payload to consist of the following (let's continue with the http example)..

1. TCP Header
2. Payload

The TCP header contains other information for the processing computer so it knows what to do with it and how the packet fits in with other packets. Key fields in this header are the source and destination ports.

Most people will know by now that http runs on tcp/80, and this is all the information you really need to shape this traffic. You could distinguish between ftp, http and bit-torrent traffic at this level assuming everyone is using the standard ports for such protocols.

What DPI does is to look into the payload section which contains information for the application that is listening on the mentioned port, in this case port 80. For the sake of simplicity this is where your personal information is kept and you could also analyse the payload to see if you really are looking at http traffic or if you have disguised a bit-torrent stream on port 80.

My point is, it is nothing like a postcard apart from the fact that the packet isn't encrypted. (With encrypted traffic you would typically only see the IP header information so it can get where it's going).

It is very much like an envelope within an envelope within an envelope.

Anyone wishing to understand further is encouraged to google 'osi 7 layer model' - you should be able to find some general overviews. Even the wiki pages might be understandable

I have no idea if this is relevant or not as it is too technical for me - but as a BT customer I now find that the ThinkBroadband speed test on default settings does not give me an accurate reading - generally very very low- I have to rerun it using the port 80 alternative to get a proper result.

And the BT official speedtester has a weird Firefox related fault (for some people, including me, who get a java socket error in the results and the test hangs) that can be overcome by using either IE7 (with same Java) or using our Firefox, putting in the IP address, instead of the url.

These are the sort of problems that BT "investigate" but never seem to be able to solve nowadays.

Might this be in any way connected ? (quite happy to be totally wrong here - please educate me)

---------- Post added at 08:19 ---------- Previous post was at 08:18 ----------

Quote:

Originally Posted by icsys

Decided it is time for another FoI request.
We have heard too many times that BT 'sought legal advice'. Its time it was made public.
What are the chances of the information being released?

http://www.whatdotheyknow.com/reques...#outgoing-1864

Not sure there is a lot of point as BT being a commercial company and not a public body, won't be required to disclose commercial legal advice. AFAIK

[bluecar1]

Quote:

Originally Posted by fidbod

@ Devils Advocate.

One of your previous posts stated you would be concerned if it could be shown that the Phorm system made personally identifiable information (PII) available. I would argue that Phorm also increases your security risk significantly. I am interested in your thoughts on the following thought experiment.

1. The cookie that Phorm set on your PC contains a unique identifier (UID)

2. Your PC's IP address can be read from the HTML requests generated when browsing.

3. Malicous Javascript code on a website can "read" the Phorm UID from your machine.

As a malicous person I now have two pieces of information unique to your PC. That I can use to target you.

You could argue for a long time whether these two bits of information are PII and I will not offer judgement on that. However it is now much easier for me to target your PC to extract further infomation.

thoughts?

catching up as have been very busy lately

phorms profiler is supposed to strip the phorm related data back out of the cookie on the fly when a website requests it, but if a web site switches from port 80 to another port 443(ssl) for instance that information will not be stripped and will then be visible to the website

so the cookie can leak you UID
peter

---------- Post added at 08:36 ---------- Previous post was at 08:32 ----------

Quote:

Originally Posted by rryles

I have looked at the RIPA explanatory notes and I'm afraid I still see a problem. I think phorm will argue the following:

Code:

The data is not made available to any person.
The data is processed by an automated system which produces some other data.
This other data is made available to another automated system and potentially certain people.
This other data does not represent any part of the communication.

I really would love to be shown the error of my thinking. I want phorm and BT to be held legally accountable for the trials and I want the whole idea of dpi for advertising to be litigated into oblivion.

still catching up.

on thing you miss, the data is available to the system admins in the form of the diagnostic logs, which we are told are kept for upto 14 days but not told what happens after that

peter

---------- Post added at 08:57 ---------- Previous post was at 08:36 ----------

Quote:

Originally Posted by rryles

The original link always points to the latest days proceedings. The pertinent information can still be found here:

http://www.publications.parliament.u...08071786000006
.

not sure if below is relevant

***************
The Parliamentary Under-Secretary of State, Home Office (Lord West of Spithead): My Lords, the Home Office provides guidance about lawful interception conducted under warrant for law-enforcement purposes. This is separate from advice provided by the Department for Business, Enterprise and Regulatory Reform on the relevant business facing legislation. ISPs may, with the consent of the consumer, use information about consumers’ internet use for the provision of value-added services. The Information Commissioner provides information to the public on privacy issues.
***************


my bold / UL so is this say that the HO should only give advice regarding interception under warrant? if so does that mean that phorm spoke to the wrong dept and got duff info?

and that DBERR are the ones they should be checking with and so should we? anyone done an FoI request to DBERR?

note the important point "provision of value add service" AKA anti phishing

could it not be argued that to be a value add service it would need to be a service users required not duplicate one they already have? if this were so then webwise would lose its immunity from perc as it would no longer be a value add service?

peter

[BetBlowWhistler]

Quote:

Originally Posted by R Jones

putting in the IP address, instead of the url.

What you are doing here is bypassing the DNS lookup phase (udp/53).

DNS has a default timeout of 2 seconds, and since the traffic is udp (connectionless) if the packet is 'lost' along the way there is no automatic re-submission.

If the DNS is busy (this takes a lot but it depends on which dns servers you have configured) you can easily wait up to 6 seconds for a dns response (an eternity!) or even get a page not found error in your browser (which tells you to refresh which effectively resubmits the dns request).

This has been a public service announcement by the geek-squad

[rryles]

Quote:

Originally Posted by bluecar1

on thing you miss, the data is available to the system admins in the form of the diagnostic logs, which we are told are kept for upto 14 days but not told what happens after that

peter

I think this was mentioned. If they keep any logs that contain what is deemed communication data then would likely be an interception under RIPA (if it's stored it can be accessed by someone). However, they may well change what is logged for the roll out and we don't know what was logged during the trials either. If they logged IP addresses, I don't think that is communication data, but traffic data, so may not fall fowl of RIPA. It would however come under DPA, as it is PII.

Looking at the bigger picture -

There are many potential legal problems with what phorm is trying to do. Whilst it may be possible to work within the bounds of the law, it certainly isn't easy. The trials seem to fall well short of the requirements for legality. (no consent from anyone at all, code injection, etc.) However a lot of the evidence relating to the trials has probably conveniently disappeared now. All that we are left with is the claims of phorm and BT. The same claims that got them the all clear from the legal advice they sought.

I imagine an exchange something like this:

"We don't store anything and We don't use any PII"
"Well it should be legal then"

Of course, they do store various bits of data, and they do process PII, and they do copy copyrighted content. All of which puts the legality into serious doubt.

I know some of you don't care about the legality or not - "it simply must be stopped". To which I say this: If it is found to be illegal by a court, then it will be stopped - dead.

P.S. (Going off on a tangent slightly) I'm surprised that any lawyer would give a simple statement that something was legal. It'd leave them too vulnerable. Instead I'd expect something along the lines of "Based on the information available to me at this time, I believe that the proposal in its current form is unlikely to be in breach of <specific act of parliament>"